China is hoarding a host on undisclosed security vulnerabilities to later use against its adversaries in the West, Microsoft has claimed.
In a recent report, the company noted that China has recently changed its laws to allow the government to keep newly discovered flaws away from the public eye. That way, it would be able to use it later against vulnerable endpoints (opens in new tab)when the right time comes.
China introduced a new law in 2021 that said whenever an organization discovered a flaw, it must first report it to local authorities before going public, The Register reminds. A year later, the Atlantic Council reported on the results of the change – namely that vulnerability reports originating from China were declining, while anonymous reports were on the rise.
“Particularly proficient” threat actors
“The increased use of zero days over the last year from China-based actors likely reflects the first full year of China’s vulnerability disclosure requirements for the Chinese security community and a major step in the use of zero-day exploits as a state priority,” Microsoft argues.
The Redmond giant also said Chinese threat actors were “particularly proficient” at discovering and using zero-day vulnerabilities.
Microsoft’s report did not focus exclusively on China, though, as the 114-page document also covers Russia, Iran, and North Korea. While for Russia, the document focused on the most obvious thing – the country’s “relentless targeting” of the Ukrainian government and the country’s critical infrastructure, as part of a wider war effort against its southwestern neighbour, Iran “aggressively” sought inroads into critical US infrastructure such as port authorities.
North Korea, on the other hand, was observed continuing with its campaign of stealing cryptocurrency from financial and technology companies to continue funding the government’s operations.
“Although nation-state actors can be technically sophisticated and employ a wide variety of tactics, their attacks can often be mitigated by good cyber hygiene,” Microsoft concluded. “Many of these actors rely on low-tech means, such as spear-phishing emails, to deliver sophisticated malware instead of investing in developing customized exploits or using targeted social engineering to achieve their objectives.”
Via: The Register (opens in new tab)