Microsoft says China is hoarding undisclosed vulnerabilities to use later against its opponents in the West.
In a recent report, the company noted that China recently changed its laws to allow the government to keep newly discovered flaws out of the public eye. That way, it will be able to use them later against sensitive endpoints when the time is right.
China introduced a new law in 2021 that requires an organization, whenever it detects a bug, to report it to local authorities before going public, as the Register recalls. A year later, the Atlantic Council announced the results of this change, namely that the number of vulnerability reports originating in China is declining, while the number of anonymous ones is increasing.
“Especially skillful” threat actors
“The increased use of zero days over the past year by Chinese actors likely reflects the first full year of Chinese vulnerability disclosure requirements for the Chinese security community and a big step in using zero-day exploits as a state priority,” Microsoft says.
The Redmond giant also said Chinese cybercriminals were “particularly adept” at detecting and exploiting zero-day vulnerabilities.
The Microsoft report did not focus solely on China, however, as the 114-page document also covers Russia, Iran and North Korea. In the case of Russia, the document focused on the most obvious thing: “relentlessly attacking” the Ukrainian government and the country’s critical infrastructure as part of a wider war effort against its southwestern neighbor. Iran, meanwhile, “aggressively” sought access to critical infrastructure such as port authorities.
North Korea, on the other hand, has been observed continuing its campaign to steal cryptocurrencies from financial and tech companies to further fund government operations.
“While nation-state actors can be technically sophisticated and employ a wide variety of tactics, their attacks can often be mitigated with good cyber hygiene,” concluded Microsoft. “Many of these actors rely on relatively low-tech measures such as spear-phishing email to deliver sophisticated malware rather than invest in developing custom exploits or using targeted social engineering to achieve their goals.”
By: Register