Neo

Neo is a threat actor that has been implicated in various cyber attacks and security breaches. The group has exploited vulnerabilities identified in Opcenter Quality and SIMATIC PCS neo, as outlined by CVE-2023-32268 and CVE-2023-46282. These vulnerabilities affect all versions of Opcenter Quality and SIMATIC PCS neo prior to V18 Update 3, including Siemens SIMATIC PCS neo V4.0, V5.0, and versions of V4.1 before the V4.1 Update 2. This indicates a sophisticated level of technical capability and poses significant cybersecurity threats. In 2023, Neo's activities extended beyond the digital realm, with links to neo-Nazi activities leading to the temporary blocking of Telegram in Brazil. The platform was accused of failing to cooperate with investigations into these activities. Furthermore, Neo's influence has been traced across mainstream and alternative social media platforms, news outlets, web forums, conferences, summits, and extremist platforms such as Stormfront. This extensive reach demonstrates the group's ability to disseminate misinformation and disinformation, further escalating their threat profile. Looking ahead, it is projected that Neo, along with other white supremacist, neo-Nazi violent extremists, and anti-government anarchist violent extremists, are likely to increase physical threat operations in 2024. While mass-casualty terrorist attacks are feared, the rise in physical threats cannot be ignored. The complexity of Neo's operations, spanning from cyber attacks to physical threats, underscores the urgency for comprehensive countermeasures against this threat actor.