In the first quarter of 2024, a significant uptick in cyber attacks has been reported amidst escalating tensions in the South Chinese Sea, according to a report by RESECURITY company. Compared to the same period last year, cyber attacks have increased by almost 325%. The report highlights a three-fold increase in hackivist group activities and various disinformation campaigns.
Continuing into the second quarter of 2024, there has been a continuation of the trend with ResecUry monitoring numerous attacks launched by unidentified hacker groups since April. These attacks are characterized by a blend of hacktivist ideological motives and state-sponsored propaganda.
ResecUry has identified the Mustang Panda group, linked to China, as one of the prominent participants in the cyber information warfare. The use of pseudonyms associated with hacktivism enables threat actors to maintain anonymity, creating a facade of internal social discord.
As part of threat group analysis, Resecurity has identified several key actors intensifying their operations, including Philippine Exodus Security (PHEDS), Cyber Operation Alliance, Robin Cyber Hood (RCH), and Deathnote Hackerts. Additionally, collaborations with Arab Anonymous and Sylnet Gang-SG have been observed.
Analysts believe that the increased activity signifies preliminary preparations for broader malicious actions in the region, such as cyber espionage and targeted attacks on state institutions and critical infrastructure. Some of the primary targets include the Ministry of the Interior and Local Self-Government, the Bureau of Plant Crust, the National Police of the Philippines, and the Customs Bureau.