ApophisSquad activity increases; threat to British entities
Target: Large/government-related British corporations, schools and the gaming sector.
Attack Vector: Hoax threats, DDoS attacks, data leaks.
Threat Actor: ApophisSquad.
Summary: Since late 2017, increasing activity has been observed from the hacktivist group known as ApophisSquad. The group has been particularly active since March, with the brunt of its activity directed at British institutions. The group has been observed sending hoax threats, conducting DDoS attacks and carrying out data leaks. These have all been carried out against various high-level targets, some related to government, as well as major banks such as Barclays UK. In addition, the group has promised further attacks.
Risk assessment summary: This threat is assessed as 3b MODERATE. The release of open-source tools that any threat actor can use is a significant risk in the long term. Many threat actors are restricted from carrying out DDoS attacks or gaining leaked credentials due to insufficient capacity or intelligence. The use of these tools will enable threat actors to overcome this barrier. The threat actor has also displayed an expert execution of DDoS attacks on numerous occasions and appears to prefer targeting big businesses and the gaming industry.
The chance of further attacks is also high: the group has indicated that it will continue and that it plans to release its DDoS tool, which is still in development. In addition, the group has repeatedly disrupted the same targets, suggesting further repeated attacks are possible. However, there is no indication that the group is state-owned, which may reduce the possibility of a tit-for-tat situation developing.