Events in cyberspace remain focused on the current Russo-Ukrainian war, which generates a significant amount of events. Both pro-Ukraine and pro-Russian factions have launched attacks with various degrees of sophistication against organizations of both countries. Involvement from Russian state-sponsored threat actors has reportedly been affected by the disruption of Command-and-Control (C2) servers controlled by Russia’s Main Intelligence Directorate (GRU). Hacktivists and cybercriminals from both sides remain active in targeting companies and individuals.
While the war is stealing the focus from other events, both Chinese and North Korean threat actors have been active in April 2022. At least one (1) Chinese-based threat actor has been observed using vulnerabilities to expand their infrastructure while the Lazarus group has reportedly stolen around 620 million worth of Ethereum.