CFR Cyber Operations Tracker lists 147 operations for 2022

The Digital and Cyberspace Policy program’s cyber operations tracker is a database of the publicly known state-sponsored incidents that have occurred since 2005. They have now completed entries for last year. There were 147 campaigns listed for 2022. Visit the tracker here.

1. Targeting of Ukrainian and Polish military personnel
2. Targeting of Russian military officials
3. Targeting of Hungarian Foreign Ministry networks
4. Targeting of governments in the Middle East and Africa
5. Earth Lusca
6. Targeting of Ukrainian state bodies
7. Targeting of Ukrainian organizations with CaddyWiper
8. Targeting of South Korea with multiple spear-phishing campaigns
9. Targeting of U.S. federal agency
10. Targeting of journalists at News Corp
11. Targeting of organizations in Asia, Europe, and North America
12. Targeting of Palauans via an Australian telecommunications company
13. Targeting of Northwestern Polytechnical University
14. Targeting of Citrix Systems software
15. Targeting of Moscow Stock Exchange and Sberbank websites
16. Targeting of Catalan separatists
17. Targeting of pro-democracy organizations and activists in Thailand
18. Targeting of medical professionals
19. Targeting of Middle Eastern government institutions in phishing campaign
20. Targeting of Ukrainian government officials
21. Targeting of major Ukrainian broadcasting company
22. Targeting of military personnel, government officials, employees of human rights and other nonprofit organizations, and students in Afghanistan, India, Pakistan, Saudi Arabia, and the United Arab Emirates (UAE)
23. Targeting of Asian and Australian governments and government partners
24. Targeting of Middle Eastern governments, foreign policy think tanks, and a state-affiliated airline
25. Targeting of Ukrainian institutions and U.S. and European foreign policy institutions and think tanks
26. Targeting of major telecommunications and network service providers
27. APT 42
28. Targeting of Amnesty International Canada
29. Ukrainian IT Army
30. Targeting of Ukrainian, Latvian, and Lithuanian computer systems
31. Targeting of government, military, and energy sectors in Pakistan
32. Targeting of Myanmar government agencies
33. Targeting of transportation companies via UEFI firmware implant
34. Targeting of Viasat's satellite broadband service
35. Targeting of Ukrainian agricultural firm
36. Targeting of military and public institutions in Afghanistan and several east European countries
37. Targeting of Ukrainian local government organization
38. Targeting of the International Atomic Energy Agency and South Korean defense contractor
39. Targeting of the Indian power grid
40. Aoqin Dragon
41. Targeting of organizations in an Iranian ransomware campaign
42. Targeting of U.S. satellite network
43. Targeting of Russian diplomats in Asia
44. Targeting of Ukrainian government websites
45. Targeting of specialized engineering companies
46. Targeting of U.S. political reporters and White House correspondents
47. Targeting of Japanese crypto-asset businesses
48. Targeting of German pharmaceutical and technology firms
49. Targeting of American news media and IT companies
50. Targeting of a Ukrainian transportation and logistics provider
51. Targeting of various industries with Maui ransomware
52. Targeting of the Pakistani government
53. ModifiedElephant
54. Targeting of Ukrainian power stations
55. Targeting of telecommunications companies operating in Africa, Europe, and Southeast Asia
56. Targeting of government officials in Europe, the Middle East, and South America
57. Targeting of European government trade departments
58. Targeting of Pakistani research institutions
59. Targeting of American state governments' networks
60. Targeting of Ukrainian users of Chrome, Edge, and Firefox browsers
61. Targeting of the Ukrainian Azov Regiment
62. Targeting of companies in Hong Kong
63. Targeting of Ukrainian telecommunication company's internet service
64. Red Menshen
65. Targeting of Uyghur communities
66. Targeting of Australian media outlet
67. Targeting of telecommunication companies, internet service providers, and the data services sector
68. Targeting of high-level U.S. and Israeli officials
69. Targeting of Montenegrin government infrastructure
70. Targeting of non-fungible token (NFT) owners
71. Targeting of journalists in El Salvador
72. Targeting of European diplomatic entities, research entities, and internet service providers
73. Targeting of a defense and cybersecurity organization in the Baltics
74. Targeting of high-profile individuals at European embassies
75. Targeting of Iranian citizens
76. Targeting of Ukrainian organizations and Western government entity
77. Targeting of Indian government and military officials
78. Targeting of telecommunications providers across the United States, Asia, and the Middle East
79. Targeting of Israeli organizations using SysAid
80. Targeting of U.S. COVID relief funds
81. Targeting of Ukrainian banks and defense ministry
82. Targeting of Axie Infinity’s Ronin Network
83. Targeting of media stations such as newspapers and radio stations in Ukraine
84. Targeting of an Asian IT provider
85. Targeting of Asian government agencies and certificate authorities
86. Targeting of Ukrainian government websites
87. Targeting of Bahraini activists with Pegasus spyware
88. Targeting of technology and manufacturing companies in Asia, Europe, and North America
89. Targeting of the Belgian Federal Public Service Interior by Chinese threat actors
90. Targeting of Sri Lankan government
91. Targeting of German companies
92. Targeting of Hungary's foreign ministry networks
93. Targeting of Ukrainian organizations in phishing campaign
94. Targeting of South Korean diplomats, professors, and researchers
95. Targeting of activists at Human Rights Watch, journalists, and politicians
96. Targeting of American defense contractors
97. Targeting of South Korean chemical sector organizations
98. Targeting of Indian activists
99. Space Pirates
100. Targeting of cryptocurrency start-ups
101. Targeting of entities in Turkey and the Arabian Peninsula
102. Targeting of diplomatic organizations in the Americas, Asia, and Europe
103. Targeting of Mexican journalists and human rights defenders
104. Targeting of Turkish government organizations
105. Targeting of Ukrainian organizations
106. Targeting of Jordanian government
107. Targeting of St. Petersburg Economic Forum
108. Targeting of the Burmese government and passport storage systems
109. Targeting of Taiwanese financial institutions
110. Targeting of UK government officials
111. Targeting of Middle Eastern countries
112. Targeting of nuclear security researcher
113. Targeting of dissidents and opposition political candidates in Ghana
114. Targeting of Ukrainian state entities
115. Targeting of Russian and Belarusian websites
116. Targeting of the Belgian Federal Public Service Interior in Chinese espionage campaign
117. Targeting of Ukrainian government agencies
118. Targeting of Palestinian entities and activists
119. Targeting of government agencies in the European Union
120. Targeting of Rostec
121. Targeting of Albanian government
122. Targeting of users of cryptocurrency applications
123. Targeting of VMWare Horizon servers with Log4Shell vulnerability
124. Targeting of cryptocurrency company employees
125. Targeting of individual suspects in serious criminal investigations within Canada
126. Targeting of Ukrainian government agencies in espionage campaign
127. Targeting of Israeli activist
128. Targeting of Ukrainian government and IT sector systems with WhisperGate malware
129. Targeting of Belgian Defense Ministry
130. Targeting of Uyghur populations
131. Targeting of Jordanian activists
132. Targeting of Tibetans living abroad
133. Targeting of Australian, Malaysian, and European organizations and organizations operating in and around the South China Sea.
134. Targeting of Latvian, Lithuanian, and Ukrainian computer systems
135. Targeting of journalists reporting on North Korea
136. Targeting of UN Interim Force in Lebanon (UNIFIL)
137. Targeting of Ukrainian networks via fake telecommunications firms
138. Targeting of local Israeli officials
139. Targeting of Asus routers
140. Targeting of government network in Vinnytsia, Ukraine
141. Targeting of European Union (EU) member states
142. Targeting of Polish and Ukrainian transportation companies
143. Antlion
144. Targeting of Israeli officials
145. Targeting of Boston Children’s Hospital
146. Targeting of industrial enterprises and public institutions in Central Asia and Eastern Europe
147. Targeting of Chinese users with three zero days

Tracking State-Sponsored Cyberattacks Around the World

The Digital and Cyberspace Policy program's cyber operations tracker is a database of the publicly known state-sponsored incidents that have occurred since 2005.

www.cfr.org

tags: information operations russia china iran united states cyber operations cybersecurity elections influence