- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Domain of Application >
- Trend snippet: State actors and criminal actors respond to current events
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
State actors and criminal actors respond to current events
- Responding to the Covid-19 pandemic. Soon after the outbreak of the Covid-19 pandemic, there were indications that actors were (opportunistically) abusing the situation to carry out "thematic" cyber attacks.
- Active abuse of various vulnerabilities: In 2019 and early 2020, active abuse of various vulnerabilities by state and criminal actors was observed. The AIVD and MIVD confirm that state actors have exploited vulnerabilities in Fortigate and Pulse secure VPN software. Therefore, the AIVD and MIVD have also advised companies and other organizations about measures. The vulnerabilities in Citrix ADC and Citrix Gateway servers were actively exploited by actors soon after the available exploit - which was published on January 9, 2020.
Actief misbruik van diverse kwetsbaarheden
In 2019 en begin 2020 is actief misbruik waargenomen van verschillende kwetsbaarheden door statelijke en criminele actoren. De AIVD en MIVD bevestigen dat statelijke actoren misbruik hebben gemaakt van kwetsbaarheden in Fortigate en Pulse secure VPN-software. Daarom hebben de AIVD en MIVD ook bedrijven en andere organisaties geadviseerd over maatregelen. De kwetsbaarheden in Citrix ADC en Citrix Gateway servers werden snel na de beschikbare exploit – die op 9 januari 2020 werd gepubliceerd - actief misbruikt door actoren. De AIVD en MIVD bevestigen dat een statelijke actor de publiek gemaakte kwetsbaarheid in Citrix-servers heeft misbruikt bij voorbereidingen voor cyberspionage. Criminelen maakten gebruik van de kwetsbaarheden in Citrix-servers om organisaties met ransomware te infecteren.
Actoren spelen in op Covid-19 pandemie
Al vrij snel na het uitbreken van de Covid-19 pandemie waren er aanwijzingen dat actoren de situatie (opportunistisch) misbruikten om ‘gethematiseerde’ cyberaanvallen uit te voeren. Zo zijn er cyberaanvallen uitgevoerd op ziekenhuizen, onderzoeksinstituten en de Wereldgezondheidsorganisatie. Maar niet alleen de zorgsector was doelwit, ook overheden en burgers kregen te maken met uiteenlopende cyberaanvallen.