UK and US Blame China’s State-Sponsored Hackers for Parliament Cyber Espionage, Cyber Attacks on Energy Industry
Wednesday, March 27, 2024
A known state-sponsored hacking group from China has been sanctioned by the US Treasury Department for a campaign of cyber attacks over the past decade, and has been named by the UK’s National Cyber Security Centre (NCSC) as the culprit in a 2021 cyber espionage campaign against parliamentarians.
Dr Ilia Kolochenko, CEO at ImmuniWeb, notes that increasing attention needs to be paid to the public-private fusion of cyber espionage groups such as these: “Reliable cyberattack attribution remains a complex and time-consuming task in 2024, being a mix of art and science. The most complicated part is to expose who is actually procuring the attack. First, many cybercrime groups are mercenaries motivated by money: they may have one major client for a long period of time and then switch to another one. After establishing or inferring some nexuses between the group and its client, investigators may automatically and incorrectly attribute upcoming attacks – procured by another client – to the first one. Second, individual cybercrime group members may change their “employer” quite frequently. If such an individual was, for example, responsible for malware development at his former group, he would likely reuse his code, as well as some tactics, techniques and procedures (TTPs) for upcoming projects at the new group, once again leading to incorrect attribution of the attacks. Third, numerous databases and other excellent resources by cybersecurity companies exist with detailed technical descriptions of TTPs used by (in)famous hacking groups. Both newcomers and well-established threat actors frequently utilize this information to impersonate or frame another threat actor, perfidiously misleading the investigators. In sum, without a frictionless collaboration between law enforcement agencies (LEAs) from all countries, attack attribution, prosecution and just punishment of attackers remain highly problematic.” Read Full Article
Solicitors Journal: SEC settles charges against investment advisers for AI misrepresentation
CPO Magazine: Data Breach at French Unemployment Agency May Span 20 Years, 43 Million Benefit Recipients