According to Google Threat Intelligence Group (GTIG), a new report paints a stark picture of the modern battlefield, where the defence industrial base is under constant, multi-vector siege by state-sponsored actors and criminal syndicates. The overview highlights Russia’s espionage focus on unmanned aircraft systems and North Korean IT workers infiltrating Western defence contractors, with the aim of stealing secrets, disrupting supply chains and undermining national security.
The report notes a key emphasis on personnel, including insider threats, such as a North Korean worker who secured a remote software development role at a Virginia-based company working on a government defence contract and sent earnings back to the regime. It also references a cluster of actors, from TEMP.Vermin linked to the Luhansk People’s Republic to APT44 (Sandworm) targeting military personnel, and a Chinese-nexus presence exploiting edge devices and numerous zero-days since 2020.
GTIG observes a surge in geopolitically motivated hack-and-leak activity by pro-Russia and pro-Iran groups, and warns that organisations must move beyond reactive postures to defend networks as vigorously as they defend the nation.