At the forefront of the digital revolution, technology is increasingly being weaponized. In this Cyber Digest, ESCU explores the growing cyber confrontation between the West and the East.
AI Enhances Cyberattacks by CRINK Countries
Hacker groups from China, Iran, and North Korea are using generative artificial intelligence to improve phishing attacks and develop more sophisticated malware, according to Google. AI enables automation of attacks and significantly enhances social engineering, making them harder to detect and prevent.
For example, the technology is used to craft convincing phishing emails, tailor messages to specific targets, and analyze open-source data to gather intelligence on target organizations.
DeepSeek Chat Data Leak
In the previous Sanctions Digest, ESCU already covered the new Chinese AI DeepSeek. Along with its technological capabilities and affordability, concerns over its security have now emerged. Wiz Research discovered a data leak from DeepSeek’s database, exposing user chat histories.
According to the research, the database was misconfigured, allowing unauthorized access to a significant number of sensitive records. The leak may include personal user data, confidential work-related inquiries, and internal corporate information. It is still unknown whether hackers have exploited these records or if they have been made publicly available.
Meanwhile, Italy has already banned DeepSeek due to concerns from its data protection authority regarding the app’s privacy policies.
GUR’s Cyberattack on Gazprom
The cyber unit of Ukraine’s Main Directorate of Intelligence (GUR) carried out a DDoS attack on the digital infrastructure of Russian companies Gazprom and Gazprom Neft, causing disruptions in key online services.
The attack targeted company servers, leading to the temporary shutdown of internal data management platforms. This is one of the largest cyberattacks by Ukrainian cyber units on Russia’s energy sector in the past year. According to preliminary assessments, the attack may have caused financial losses due to delays in production processes and restricted access to the companies’ digital infrastructure.
The UK Accelerates Military Recruitment for Cyber Units
The UK government has launched an accelerated recruitment program for cyber units within the armed forces to strengthen national cyber defense. The changes will allow for the faster enlistment of cybersecurity specialists, reducing the time between application submission and acceptance into service.
The enhancement of cyber defense comes in response to the growing number of attacks on British financial institutions, critical infrastructure, and government systems. According to a government statement, the program also aims to modernize the country’s cyber threat response system, enabling faster reactions to emerging challenges.
Trump Administration Concerned About Chinese Hackers
The Donald Trump administration is ramping up cybersecurity measures due to an increase in cyberattacks by Chinese hacker groups, reports The Washington Post. According to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), these attacks are targeting government agencies, defense contractors, and critical infrastructure.
The administration is assessing the need for additional measures to strengthen cybersecurity and considering expanding cooperation with international partners in cyber defense.
EU Leaders Discuss Cybersecurity and Hybrid Attacks
At an informal meeting, EU leaders discussed cybersecurity, reviewing potential measures to enhance collective protection against cyber threats.
The discussion focused on joint responses to cyber incidents and strengthening the security of Europe’s digital infrastructure. The conclusions of the meeting are expected to form the basis for new cybersecurity policies within the EU.
These were the most pressing cybersecurity updates. Follow ESCU's to get the next digest first.