CLAWS Cyber Index I Volume I I Issue 11
This edition of the CLAWS Cyber Index captures the intensifying convergence of cyber operations, geopolitical maneuvering, and emerging technologies. Southeast Asian governments are being targeted by a covert cyber-espionage campaign (CLSTA1020), where attackers exploit trusted AWS infrastructure to deliver the HazyBeacon backdoor—showcasing a new class of cloud-native stealth malware. In a bid for strategic autonomy, Japan and the EU have announced plans to co-develop a next-generation satellite constellation to reduce dependency on U.S. space assets like SpaceX, emphasizing secure LEO communications and quantum cyber defences. On the battlefield, Russia is trialing MS001, an AI-powered drone with onboard decision-making and swarm capabilities, signaling a new phase in autonomous warfare. Meanwhile, TAG-140—a Pakistan-linked APT—is deploying DRAT V2 in spearphishing attacks on Indian ministries, revealing a modular approach to persistent access. In the U.S., federal agencies warn of escalating Iranian cyber operations blending sabotage with ransomware tactics, particularly against defense-linked infrastructure. Across regions, threat actors are leveraging AI development tools, open-source RAT ecosystems, and SEO poisoning to scale malware delivery and phishing precision. This issue highlights a growing need for resilient, cloud-aware defence strategies and global cooperation against adaptive, cross-domain cyber threat.
