Asian Telecom Cyberattacks, Kaspersky Ban Dilemma, CDK Cyberattack Disrupts Dealerships
From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, CEO of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf — and whether they’re doing it correctly.
_According to the FBI’s 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report
Asian Telecom Cyberattacks, Kaspersky Ban Dilemma, CDK Cyberattack Disrupts Dealerships
<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
Play Episode
</button>
<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
Pause Episode
</button>
<audio preload="none" class="clip clip-13903">
<source src="/images/wp/2024/06/Asian-Telecom-Cyberattacks-Kaspersky-Ban-Dilemma-CDK-Cyberattack-Disrupts-Dealerships.mp3">
</audio>
<button class="player-btn player-btn__volume" title="Mute/Unmute">
Mute/Unmute Episode
</button>
<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
Rewind 10 Seconds
</button>
<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
Fast Forward 30 seconds
</button>
<time class="ssp-timer">00:00</time>
/
<!-- We need actual duration here from the server -->
<time class="ssp-duration" datetime="PT0H2M9S">2:09</time>
<nav class="player-panels-nav">
<button class="subscribe-btn" id="subscribe-btn-13903" title="Subscribe">Subscribe</button>
<button class="share-btn" id="share-btn-13903" title="Share">Share</button>
</nav>
RSS Feed
<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-13903" title="RSS Feed URL" readonly />
<button class="copy-rss copy-rss-13903" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
Share
<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/asian-telecom-cyberattacks-kaspersky-ban-dilemma-cdk-cyberattack-disrupts-dealerships/&t=Asian Telecom Cyberattacks, Kaspersky Ban Dilemma, CDK Cyberattack Disrupts Dealerships" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
</a>
<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/asian-telecom-cyberattacks-kaspersky-ban-dilemma-cdk-cyberattack-disrupts-dealerships/&url=Asian Telecom Cyberattacks, Kaspersky Ban Dilemma, CDK Cyberattack Disrupts Dealerships" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
</a>
<a href="/images/wp/2024/06/Asian-Telecom-Cyberattacks-Kaspersky-Ban-Dilemma-CDK-Cyberattack-Disrupts-Dealerships.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
</a>
Link
<input value="https://dmarcreport.com/blog/podcast/asian-telecom-cyberattacks-kaspersky-ban-dilemma-cdk-cyberattack-disrupts-dealerships/" class="input-link input-link-13903" title="Episode URL" readonly />
<button class="copy-link copy-link-13903" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
Embed
<input type="text" value='<blockquote class="wp-embedded-content" data-secret="Eh6BJPXfb0"><a href="https://dmarcreport.com/blog/podcast/asian-telecom-cyberattacks-kaspersky-ban-dilemma-cdk-cyberattack-disrupts-dealerships/">Asian Telecom Cyberattacks, Kaspersky Ban Dilemma, CDK Cyberattack Disrupts Dealerships</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://dmarcreport.com/blog/podcast/asian-telecom-cyberattacks-kaspersky-ban-dilemma-cdk-cyberattack-disrupts-dealerships/embed/#?secret=Eh6BJPXfb0" width="500" height="350" title=""Asian Telecom Cyberattacks, Kaspersky Ban Dilemma, CDK Cyberattack Disrupts Dealerships" — DMARC Report" data-secret="Eh6BJPXfb0" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script>/*! This file is auto-generated / !function(d,l){“use strict”;l.querySelector&&d.addEventListener&&“undefined”!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll(‘iframe[data-secret=”‘+t.secret+’”]’),o=l.querySelectorAll(‘blockquote[data-secret=”‘+t.secret+’”]’),c=new RegExp(“^https?:$”,“i”),i=0;i<o.length;i++)o[i].style.display=“none”;for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(“style”),“height”===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):“link”===t.message&&(r=new URL(s.getAttribute(“src”)),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(“message”,d.wp.receiveEmbedMessage,!1),l.addEventListener(“DOMContentLoaded”,function(){for(var e,t,s=l.querySelectorAll(“iframe.wp-embedded-content”),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(“data-secret”))||(t=Math.random().toString(36).substring(2,12),e.src+=”#?secret=“+t,e.setAttribute(“data-secret”,t)),e.contentWindow.postMessage({message:“ready”,secret:t},"")},!1)))}(window,document); //# sourceURL=https://dmarcreport.com/wp-includes/js/wp-embed.min.js ’ title=“Embed Code” class=“input-embed input-embed-13903” readonly/>
<button class="copy-embed copy-embed-13903" title="Copy Embed Code" aria-label="Copy Embed Code"></button>
**Cyber awareness is the need of the hour, and that’s exactly why we keep coming back with the latest cyber incidents happening around the globe! Keep yourself updated about the ongoing trends in the cybercrime niche, implementing email authentication protocols like SPF, DKIM and DMARC and avert such mishaps by choosing knowledge over ignorance. Keep reading to know how China-based cyber espionage groups targeted Asian telecoms. Also, a recent cyberattack forced multiple car dealerships to stop functioning temporarily. Lastly, the Kaspersky ban by the government is messing up with the users, and they are finding it difficult to cope with the tight deadlines.
Here’s your cyber dose of the week!
Asian telecoms attacked by China-based cyber espionage teams
Multiple telecommunication operators across the Asia-Pacific belt were affected because of recent cyber espionage operations. They **tip-toed into the network of these telecom companies and gained access to their credentials. These threat actors also leveraged custom malware to affect other operations of the telecom companies.
As of 2025, DMARC is mandatory under multiple compliance frameworks. CISA BOD 18-01 requires p=reject for US federal domains. PCI DSS v4.0 mandates DMARC for organizations processing payment card data as of March 2025. Google and Yahoo require DMARC for bulk senders (5,000+ messages/day) since February 2024, and Microsoft began rejecting non-compliant email in May 2025. The UK NCSC, Australia’s ASD, and Canada’s CCCS all mandate DMARC for government domains. Cyber insurers increasingly require DMARC enforcement as an underwriting condition.
The **note-worthy news is that all three cyber espionage groups—Mustang Panda, Nomad Panda, and Naikon—have a connection to China. They have used tools like Firefly, Fireant, and Neeedleminer to interfere with the operations of telecommunications operators .
Telecom companies are significant yet have vulnerable infrastructures that can be easily targeted by threat actors to exploit the treasure trove of data, such as locations, SMS messages, etc., and disrupt the entire communication system. Telecom operators experience huge traffic, which can be conveniently compromised by threat actors to make easy money.
Authorities are apprehensive of bigger **cyber operations by China in the near future! If telecom infrastructure is affected, this can further impact vital infrastructure, thereby making other important sectors like finance, tech, insurance, and banking vulnerable.
These attacks are a grim reminder of how **Asian nations are grappling with cyber issues at present. From Indonesia to Taiwan, each country is facing cyber attacks and is trying its best to get a hold of the situation.
Kaspersky ban puts users into a tricky situation
The Biden administration banned Kaspersky, the antivirus software. They cited national security concerns as a reason behind this sudden and bold move. As per government regulations, consumers must stop using the software before 29 September 2024 , or else they won’t receive any protection, support, or updates.
This is the first-of-its-kind move taken by the government to ban **cyber security software pertaining to reasons as grave as national security risk. The US Commerce Department believes that Kaspersky has a close tie with Moscow and that it can pass on sensitive user data to Russia , leading to serious consequences. The authorities are assured that Russia can weaponize this sensitive US data and leverage it to plan a blow to the US and its people.
The US has also put a restriction on any kind of **business transactions between Kaspersky and US citizens or organizations.
Kaspersky, on its behalf, has said that this sudden ban is a result of the ongoing geopolitical climate, and that it’s a result of theories and is far from any kind of practicality. It believes that over all these years, Kaspersky has played a significant **role in protecting the US interests from threat actors and cybercriminals.
From individual users to organizations, everyone is busy finding the next best alternative to Kaspersky within a tight timeline so that their priceless data and systems stay protected amidst all the ongoing chaos.
CDK cyberattack halted car dealership operations temporarily!
Wednesday, June 19th, was a complete chaos for thousands of car dealerships**. They were forced to shut down because of an abrupt software cyberattack. This resulted in huge losses, as generally, it’s a peak sales time for automobile companies pertaining to the Juneteenth holiday.
The first shutdown happened sharp at 2 AM Eastern Time. While **certain dealerships managed to continue with specific services because of available paper records, others had to shut down completely.
Threat actors compromised the functioning of **CDK Global on Wednesday evening and Thursday morning. Because of this cyberattack, the software had to shut down, which further impacted the daily operations of car dealership companies.
CDK is in talks with experts and are keeping their customers in loop. Meanwhile, for playing it safe, they have shifted the systems offline.
CDK will **run extensive tests on all its applications, and once it gets a green signal, it will eventually bring the systems online again.
Roger Grimes from KnownBe4 believes that this was a ransomware attack on CDK. He wants CDK to investigate the current situation because of which the attackers were able to **penetrate deep into the system. That’s the only way to prevent similar instances in the future.
Sources
Operations Lead
Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.
LinkedIn Profile →Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free — no credit card required.