China is hoarding a host of undisclosed security vulnerabilities to later use against its opponents in the West, Microsoft has claimed.
In a recent report, the company noted that China recently changed its laws to allow the government to keep newly discovered flaws out of the public eye. That way, it could later use them against vulnerable endpoints when the right time comes.
China introduced a new law in 2021 stating that if an organization discovers a flaw, it must first report it to local authorities before it becomes public, The Register reminds. A year later, the Atlantic Council reported on the results of the change, namely that vulnerability reports originating in China decreased, while anonymous reports increased.
“Highly Skilled” Threat Actors
“The increased use of zero-days in the past year by China-based actors likely reflects the first full year of China’s vulnerabilities disclosure requirements to the Chinese security community and an important step in adopting zero-day exploits as a priority of the state,” Microsoft argues.
The Redmond giant also said Chinese threat actors were “particularly skilled” at discovering and exploiting zero-day vulnerabilities.
However, Microsoft’s report was not solely focused on China, as the 114-page document also covers Russia, Iran and North Korea. For Russia, the document focused on the most obvious thing: the country’s “relentless attack” on the Ukrainian government and the country’s critical infrastructure, as part of a wider war effort against its southwestern neighbor. Iran, meanwhile, attempted “aggressively” to penetrate US critical infrastructure, such as port authorities.
North Korea, on the other hand, was observed to continue its campaign to steal cryptocurrency from financial and technology companies in order to continue funding the government’s operations.
“While nation-state actors can be technically advanced and employ a wide variety of tactics, their attacks can often be mitigated by good cyber hygiene,” Microsoft concluded. “Many of these actors rely on relatively low-tech means, such as spear-phishing emails, to deliver sophisticated malware rather than investing in developing custom exploits or using targeted social engineering to achieve their objectives.”
Via: The Register