Community Edition
Total Tests:
This Week:
Today:
Cyber Law Blog
Phobos Ransomware Admin Extradited From South Korea
November 21, 2024
Dark Web Crypto Mixer Founder Sentenced to Over 12 Years for Money Laundering
November 14, 2024
Global Сybercrime Сrackdown Takes Down Over 22K Malicious IPs And Servers
November 7, 2024
REvil Gang Members Sentenced
October 31, 2024
US Cop Indicted Over Buying Stolen Data
October 24, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

UK and US Blame China’s State-Sponsored Hackers for Parliament Cyber Espionage, Cyber Attacks on Energy Industry

By Scott Ikeda for CPO Magazine
Wednesday, March 27, 2024

A known state-sponsored hacking group from China has been sanctioned by the US Treasury Department for a campaign of cyber attacks over the past decade, and has been named by the UK’s National Cyber Security Centre (NCSC) as the culprit in a 2021 cyber espionage campaign against parliamentarians.

Dr Ilia Kolochenko, CEO at ImmuniWeb, notes that increasing attention needs to be paid to the public-private fusion of cyber espionage groups such as these: “Reliable cyberattack attribution remains a complex and time-consuming task in 2024, being a mix of art and science. The most complicated part is to expose who is actually procuring the attack. First, many cybercrime groups are mercenaries motivated by money: they may have one major client for a long period of time and then switch to another one. After establishing or inferring some nexuses between the group and its client, investigators may automatically and incorrectly attribute upcoming attacks – procured by another client – to the first one. Second, individual cybercrime group members may change their “employer” quite frequently. If such an individual was, for example, responsible for malware development at his former group, he would likely reuse his code, as well as some tactics, techniques and procedures (TTPs) for upcoming projects at the new group, once again leading to incorrect attribution of the attacks. Third, numerous databases and other excellent resources by cybersecurity companies exist with detailed technical descriptions of TTPs used by (in)famous hacking groups. Both newcomers and well-established threat actors frequently utilize this information to impersonate or frame another threat actor, perfidiously misleading the investigators. In sum, without a frictionless collaboration between law enforcement agencies (LEAs) from all countries, attack attribution, prosecution and just punishment of attackers remain highly problematic.” Read Full Article


Previous Media Publications:

Solicitors Journal: SEC settles charges against investment advisers for AI misrepresentation

CPO Magazine: Data Breach at French Unemployment Agency May Span 20 Years, 43 Million Benefit Recipients

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential