December 2024 signals a time to summarize insights, particularly in digital security. Let’s examine the primary challenges, threats, and malicious activities in Armenia’s cyber landscape over the past year.

There were phenomena that, while not new, became more prominent throughout the year. It’s essential to recognize that we are also facing new threats, likely to intensify in the coming year. Let’s address them one by one.

Cyber fraud remains widespread, with scams categorized into several groups:

• An invitation to work online often leads to an offer to become a partner, requiring individuals to invest their money to earn more income. These offers vary widely and typically use well-known companies’ names. Most individuals are contacted through messaging platforms like WhatsApp and Telegram.
• Investment proposals can be diverse. For instance, one might involve a platform miming a well-known and established company. Another example could be a cryptocurrency trading offer, which gained significant popularity in the second half of 2024, mainly due to a sharp increase in interest in cryptocurrencies.
• Fraudulent offers to refund money to individuals who lost funds due to the previous two points.

The hijacking of user accounts has been a significant issue for years, mainly due to phishing schemes that have been in operation.

• For many years, fraudulent messages impersonating social network administrations have tricked people into entering their passwords on counterfeit websites.
• In recent months, hackers have hijacked accounts on messaging platforms such as Telegram, WhatsApp, and Viber, primarily through invitations and gifts linked to various contests. Victims, believing these offers, often provide hackers with account recovery codes. These attacks typically follow a chain reaction, sending the same phishing links from compromised accounts to the victim’s friends.
• In recent months, attacks on bank and e-wallet accounts have become increasingly frequent. Typically, scammers create fake bank or wallet pages and entice individuals with offers of gifts or cash rewards for completing surveys. During this process, personal information is extracted, which can lead to the theft of funds from the victim’s bank account or the fraudulent creation of a loan in the victim’s name.

This year has been notable due to a significant increase in both the number and quality of reported and unreported digital fraud cases.

In addition to widespread attacks, there have been changes in targeted attacks, where groups sponsored or controlled by state actors are involved.

The significant drop in Pegasus spyware attacks in Armenia is unusual. It is hard to believe that Azerbaijan’s intelligence services have lost their resolve and ceased targeting individuals in Armenia. Several hypotheses could explain this situation:

• The NSO Group, the manufacturer of the Pegasus program, is heavily involved in Israel’s military operations and no longer has the capacity to serve foreign clients.
• Pegasus has undergone changes and cannot be identified by existing means.
• Azerbaijan has begun utilizing other espionage programs against Armenia, which remain unidentified, as Pegasus has already been uncovered.

The threat still exists and is even more concerning in this hidden form.

An important development is that several hacker groups affiliated with the Kremlin have begun targeting Armenia. In January 2024, Anonymous Russia conducted DDoS attacks on Armenian government websites, banks, and telecommunications companies. Following this, in March 2024, Anonymous Sudan—associated with Russia—claimed responsibility for an attack on the Armenian mobile operator Team Telecom, which occurred on June 14, 2024. Additionally, a DDoS attack was executed against the websites of the Armenian government and law enforcement agencies, for which the “People’s Cyber Army of Russia” (Народная) claimed responsibility. The hacktivist group CyberArmiya continued the assault the next day, June 15, by targeting the website of the Armenian Embassy in Ukraine.On September 18, 2024, the Russian hacking group Cyber Volk announced an attack on government platforms. However, this attack turned out to be more of an imitation rather than a genuine assault. This incident highlights a concerning trend: Russian hacking teams have begun to focus their efforts on Armenia, which is viewed as a country opposed to the Kremlin.

This is a rough overview of digital threats in Armenia. The actual situation is much more complex. It is already clear that the number of threats, their complexity, and their impact on the state and society are increasing at unprecedented rates.

The views expressed in the column are those of the author's and do not necessarily reflect the views of Media.am.