Microsoft thinks China could be stockpiling cybercrime threats

News
By Sead Fadilpašić
published

China recently changed its laws to enable flaw hoarding

China's flag overlays laptop screen
(Image credit: Shutterstock)

China is hoarding a host on undisclosed security vulnerabilities to later use against its adversaries in the West, Microsoft has claimed. 

In a recent report, the company noted that China has recently changed its laws to allow the government to keep newly discovered flaws away from the public eye. That way, it would be able to use it later against vulnerable endpoints, when the right time comes.

China introduced a new law in 2021 that said whenever an organization discovered a flaw, it must first report it to local authorities before going public, The Register reminds. A year later, the Atlantic Council reported on the results of the change - namely that vulnerability reports originating from China were declining, while anonymous reports were on the rise. 

"Particularly proficient" threat actors

"The increased use of zero days over the last year from China-based actors likely reflects the first full year of China's vulnerability disclosure requirements for the Chinese security community and a major step in the use of zero-day exploits as a state priority," Microsoft argues. 

The Redmond giant also said Chinese threat actors were “particularly proficient” at discovering and using zero-day vulnerabilities.

Read more

> China is doubling down on Linux in a bid to leave Windows behind

> China wants to censor all online comments and hold posters responsible for reactions

> These are the best cloud firewalls right now

Microsoft’s report did not focus exclusively on China, though, as the 114-page document also covers Russia, Iran, and North Korea. While for Russia, the document focused on the most obvious thing - the country’s “relentless targeting” of the Ukrainian government and the country’s critical infrastructure, as part of a wider war effort against its southwestern neighbor, Iran “aggressively” sought inroads into US critical infrastructure such as port authorities.

North Korea, on the other hand, was observed continuing with its campaign of stealing cryptocurrency from financial and technology companies to continue funding the government’s operations. 

“Although nation-state actors can be technically sophisticated and employ a wide variety of tactics, their attacks can often be mitigated by good cyber hygiene,” Microsoft concluded. “Many of these actors rely on relatively low-tech means, such as spear-phishing emails, to deliver sophisticated malware instead of investing in developing customized exploits or using targeted social engineering to achieve their objectives.”

Via: The Register

Sead Fadilpašić
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.