Early last year, we published a blog outlining the events of 2017 that were most likely to attract the attention of malicious actors who would present potential risks to your organizations. Unsurprisingly, many of the usual suspects were active at significant points in the year, such as tax deadline day, the German elections, and Black Friday.
We are doing this again this year and want to make sure that you have these key events on your radar. When assessing the key events of 2018, we need to look at the activities of cybercriminals, hacktivists and nation-state affiliated actors.
|6 February||G20 summit||Nation State; Hacktivism||Argentina||Government|
|9 February||Winter Olympics||Nation State; Hacktivism; Cybercrime||South Korea||Event Sponsors, Consumers, Retailers; Hospitality|
|13 February||Tibetan Independence Day||Nation State; Hacktivism||Tibet; China; India||Government|
|4 March||Italian Elections||Nation State||Italy||Government|
|18 March||Russian Presidential Election
|17 April||Tax Deadline Day||Cybercriminal||United States||Consumers|
|14 June||FIFA World Cup||Cybercriminal; Nation State; Hacktivism;||Russia||Event Sponsors, Consumers, Retailers; Hospitality|
|14 August||Pakistan Independence Day||Nation State||India; Pakistan||Unknown|
|9 September||Swedish Elections||Nation State||Sweden||Government|
|18 September||Anniversary of the Mukden Incident||Hacktivism||Japan||Unknown|
|November||Irish Presidential Election||Nation State||Ireland||Retail, Consumers|
|23 November||Black Friday||Cybercriminal||United States||Retail, Consumers|
|26 November||Cyber Monday||Cybercriminal||United States||Retail, Consumers|
|25 December||Christmas Day||Hacktivism||All||Online Gaming|
With an ever-increasing amount of money spent online, there are more opportunities for card not present fraud (fraud that can occur with transactions that are conducted online or over the phone). Just as we discovered in our “Retail Risks” whitepaper, these are risks that exist throughout the year. During Black Friday and Cyber Monday, criminal efforts tend to increase to take advantage of the increased number of transactions being made. Similarly, as we approach 17th April (that’s two days later than normal), we’re likely to see new techniques around tax return fraud emerge as criminals look to bypass IRS antifraud measures.
There are other events that are likely to provide rich-pickings for cybercriminals. Two years ago, wrote about the risks to the Rio Olympics for retailers, sponsors, and consumers. Similarly, the Winter Olympics and the FIFA World Cup are expected to attract cybercriminals seeking to exploit card-wielding tourists.
Despite the predictability of some reoccurring online protests, the significance of hacktivist campaigns is often difficult to anticipate. One example of such reoccurring campaigns is OpVendetta, which occurs each year on November 5. We monitor the levels of participation and organization to assess the likely impact of the campaign, as seen recently with the OpCatalunya operation that targets companies operating in Spain.
Of course, hacktivist campaigns are not always as they appear; Anonymous Poland, for example, have previously demonstrated characteristics of a nation-state proxy. We will have to wait and see whether more hacktivist groups demonstrate techniques beyond the typical denial of service attacks and website defacements.
Since the 2016 U.S. Presidential Election, election season has become a common time of the year for nation states and their affiliated groups to develop online campaigns. There are a range of tools and techniques widely available to actors who seek to influence elections. We’ll be keeping an eye on a host of elections coming up in 2018, but the key ones will be the Russian, Swedish, and Italian elections.
While this is by no means a definitive list of 2018 hot spots, outlining these events at the beginning of the year provides us with areas of focus. With this focus, we can monitor for the key drivers and assess the likely impact of a particular campaign or event. To stay up to date with the latest key events, threat intelligence, and research, subscribe to our email list here.