Symantec published a report revealing the details on the cyber espionage group named Seedworm acting in 2017-2018 to gather intelligence on targets in telecom and IT services that opened access to the oil and gas sector mainly in Pakistan and Turkey. Seedworm also affected Russia (11 victims belongs to one Russian firm), Saudi Arabia, Afghanistan, Jordan, and organisations in Europe and North America that have ties to the Middle East.
The group used GitHub to store the malware and exploit several publicly available open-source tools like LaZagne and Crackmapexec which they customised to carry out their attacks.
Cybersecurity is among the main concerns of governments, Internet users, technical and business communities. Cyberthreats and cyberattacks are on the increase, and so is the extent of the financial loss.
Yet, when the Internet was first invented, security was not a concern for the inventors. In fact, the Internet was originally designed for use by a closed circle of (mainly) academics. Communication among its users was open.
Cybersecurity came into sharper focus with the Internet expansion beyond the circle of the Internet pioneers. The Internet reiterated the old truism that technology can be both enabling and threatening. What can be used to the advantage of society can also be used to its disadvantage.
Cyber-attacks can have a background in international relations, or bring about the consequences that can escalate to a political and diplomatic level. An increasing number of states appear to be developing their own cyber-tools for the defense, offence and intelligence related to cyberconflict.
The use of cyber-weapons by states - and, more generally, the behavior of states in cyberspace in relation to maintaining international peace and security - is moving to the top of the international agenda.