GTIG maps constant multi-vector targeting of the defense industrial base
Target Trend
Summary
Hide ▲
Show ▼
GTIG identified a state-sponsored, hacktivist, and criminal targeting pattern against the defense industrial base (DIB), raising persistent espionage and intrusion risk across defense contractors and suppliers. The activity spans battlefield-supporting technologies, hiring-process abuse, edge devices, and supply-chain paths. It also includes secure messaging abuse, phishing, Android malware, and reconnaissance across multiple actor sets. The breadth of access methods makes detection harder and widens the attack surface for the sector.
Related Happenings
Client-facing app attack rates surged from 55% to 87%
Target Trend
First: 20.05.2026 17:37
Last: 20.05.2026 17:37
Sources 1
About this happening:
**Client-facing apps** are seeing a sharp rise in attack pressure, with measured attack rates climbing from **55% in 2022** to **87% in 2026**. That shift matters because it shows...
Client-facing app attack rates surged from 55% to 87%
Target TrendAbout this happening: **Client-facing apps** are seeing a sharp rise in attack pressure, with measured attack rates climbing from **55% in 2022** to **87% in 2026**. That shift matters because it shows...
AI-driven attack surge against customer-facing mobile apps in 2026
Target Trend
First: 19.05.2026 15:00
Last: 19.05.2026 15:00
Sources 1
About this happening:
**Customer-facing mobile apps** faced a sharp rise in attacks in **2026**, with **87%** of monitored apps hit versus **55% in 2022**. The trend matters because **agentic AI** is l...
AI-driven attack surge against customer-facing mobile apps in 2026
Target TrendAbout this happening: **Customer-facing mobile apps** faced a sharp rise in attacks in **2026**, with **87%** of monitored apps hit versus **55% in 2022**. The trend matters because **agentic AI** is l...
UAE and Gulf cyberattack surge after Iran conflict escalation
Target Trend
First: 06.05.2026 08:30
Last: 06.05.2026 08:30
Sources 1
About this happening:
Cyberattack volume surged across the **UAE** and wider **Gulf** after military operations against **Iran** began, pushing daily breach attempts to **600,000 to 800,000** and raisi...
UAE and Gulf cyberattack surge after Iran conflict escalation
Target TrendAbout this happening: Cyberattack volume surged across the **UAE** and wider **Gulf** after military operations against **Iran** began, pushing daily breach attempts to **600,000 to 800,000** and raisi...
ScarCruft sqgame[.]net supply-chain espionage campaign
Campaign
First: 05.05.2026 12:07
Last: 05.05.2026 12:07
Sources 1
About this happening:
**ScarCruft**'s **late-2024** supply-chain campaign against **sqgame[.]net** expanded a niche gaming platform compromise into a **multi-platform espionage channel**. The operation...
ScarCruft sqgame[.]net supply-chain espionage campaign
CampaignAbout this happening: **ScarCruft**'s **late-2024** supply-chain campaign against **sqgame[.]net** expanded a niche gaming platform compromise into a **multi-platform espionage channel**. The operation...
Bitter Middle East spear-phishing campaign targeting civil society figures
Campaign
First: 09.04.2026 13:45
Last: 09.04.2026 13:45
Sources 1
About this happening:
A **spear-phishing campaign** targeted **civil society figures in Middle Eastern countries**, including **three journalists in Egypt and Lebanon**, creating account-compromise ris...
Bitter Middle East spear-phishing campaign targeting civil society figures
CampaignAbout this happening: A **spear-phishing campaign** targeted **civil society figures in Middle Eastern countries**, including **three journalists in Egypt and Lebanon**, creating account-compromise ris...
Timeline
-
13.02.2026 18:23 2 articles · 3mo ago
GTIG discloses constant multi-vector targeting of the defense industrial base
Initial DisclosureGoogle Threat Intelligence Group (GTIG) says China-, Iran-, North Korea-, and Russia-linked state-sponsored, hacktivist, and criminal actors are mounting multi-vector campaigns against the defense industrial base (DIB). The assessed pressure spans battlefield-supporting defense entities, exploitation of hiring processes, edge-device access, supply-chain risk, secure messaging abuse, Android malware, phishing, and reconnaissance, with GTIG describing the sector as under a state of constant, multi-vector siege.
Show sources
- Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations — thehackernews.com — 13.02.2026 18:23
- Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations — thehackernews.com — 13.02.2026 18:23