Microsoft believes that China may be accumulating cybercrime threats

China is stockpiling a large number of undisclosed security vulnerabilities for later use against adversaries in the West, Microsoft has claimed.

In a recent report, the company noted that China had recently changed its laws to allow the government to keep newly discovered flaws out of the public eye. That way, it could use them against vulnerable endpoints later, when the time comes.

China introduced a new law in 2021 according to which whenever an organization discovers a breach, it must first report it to local authorities before making it public, recalls The Register. A year later, the Atlantic Council reported the results of the change: vulnerability reports from China dropped, while anonymous reports increased.

"Particularly skilled" threat actors

"The increased use of zero-days over the past year by China-based actors likely reflects the first full year of China's vulnerability disclosure requirements for the Chinese security community and an important step in the use of zero-day vulnerabilities as a state priority," argues Microsoft.

The Redmond giant also said that Chinese threat actors are "particularly adept" at discovering and using zero-day vulnerabilities.

However, Microsoft's report did not focus exclusively on China, as the 114-page document also covers Russia, Iran and North Korea. For Russia, the document focused on the most obvious: the "relentless attack" on the Ukrainian government and the country's critical infrastructure, as part of a broader war effort against its southwestern neighbor. Iran, meanwhile, has "aggressively" sought incursions into critical areas of US infrastructure such as port authorities.

North Korea, on the other hand, has been observed to continue its campaign of stealing cryptocurrency from financial and technology companies to continue funding government operations.

“While nation-state actors can be technically sophisticated and employ a wide variety of tactics, their attacks can often be mitigated with good cyber hygiene,” Microsoft concluded. "Many of these actors rely on relatively low-tech means, such as targeted phishing emails, to deliver sophisticated malware rather than invest in developing custom exploits or using targeted social engineering to achieve their goals."

Via: The Register