Microsoft has alleged that China hoards a host of undisclosed security vulnerabilities for later use against its adversaries in the West.
In a recent report, the company noted that China recently changed its laws to allow the government to keep newly discovered flaws out of the public eye. This way, it will be able to use them later against weak endpoints when the time is right.
China introduced a new law in 2021 stating that whenever an organization discovers a defect, it must first inform local authorities before making it public, record mentioned. A year later, the Atlantic Council reports the results of the change – that is, vulnerability reports from China are declining, while anonymous reports are increasing.
‘Especially seasoned’ threat actors
“The increased use of zero-days over the past year by actors in China likely reflects the first full year of China’s vulnerability disclosure requirements for the Chinese security community and a major step in using zero-day exploits as a state priority,” Microsoft argues.
The Redmond giant also said that Chinese threat actors are “particularly adept” at discovering and using zero-day vulnerabilities.
Microsoft’s report did not focus exclusively on China; the 114-page document also covers Russia, Iran and North Korea. For Russia, the document focused on the most obvious thing – the “continuous targeting” of the Ukrainian government and the country’s critical infrastructure, as part of a broader war effort against its southwestern neighbor. Iran, meanwhile, “aggressively” sought to penetrate critical United States infrastructure such as port authorities.
North Korea, for its part, has been observed continuing its campaign of stealing cryptocurrency from financial and technology companies to keep financing government operations.
Microsoft concluded that “although nation-state actors can be technologically sophisticated and use a variety of tactics, their attacks can often be mitigated through good cybersecurity practices.” “Many of these actors rely on relatively low-tech means, such as phishing emails, to deliver sophisticated malware rather than investing in developing customized exploits or using targeted social engineering to achieve their goals.”
Via: record