Stealthy hacking campaign with moderate consequences
Microsoft researchers assess “with moderate confidence” that the hacking campaign “is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises” and appears to place an emphasis on stealth. The group relies on a suite of “living off the land” techniques to obscure malicious activity by using tools and commands that are already present on targeted computers. The hackers appear to typically compromise systems by using valid credentials and then searching for additional passwords and credentials to gain further access. The hackers will often proxy their traffic through compromised networking devices, including home and office routers, making them more difficult to detect.
US Government’s response
The disclosure comes at a time of heightened tension between the US and China, but also at a moment when policymakers in Beijing and Washington are attempting to restart dialogue. The Biden administration is pressuring critical infrastructure owners and operators to increase their security investments and is working to write mandatory cybersecurity regulations for sectors that have been operating under voluntary guidelines. This latest example of the US government more aggressively disclosing data about Chinese hacking activity should theoretically make such operations easier to stop in the future.
Philosophical Discussion
This latest discovery of a Chinese-linked hacking group targeting critical infrastructure entities in the US and Guam highlights the ever-present threat of cyberattacks and the potential consequences of such actions. As cyber capabilities and reliance on technology continue to grow globally, it is essential for governments to work together to establish clearer international norms for responsible state behavior in cyberspace. Cybersecurity measures must be prioritized, and infrastructure must be secured against evolving threats. This type of behavior highlights the need for international cooperation to address cyber threats, and there is a growing demand for diplomacy, for international cyberspace norms, and for updating international law to make it fit for purpose in the cyber age.
Editorial
The discovery of Chinese-linked hackers targeting critical infrastructure entities in the US and Guam highlights the desperate need for international collaboration and regulation to address escalating cyber threats. The potential consequences of a cyberattack on critical infrastructure could be catastrophic, undermining everything from national security to public health and safety. The US government’s response is a step towards transparency and the need for global cooperation to tackle these critical issues. It is clear that international norms around responsible state behavior in cyberspace must be established. It is also important to note that as cyber capabilities and reliance on technology continue to increase globally, we must ensure that our infrastructure is secured against evolving threats.
Advice
It is crucial for critical infrastructure entities to prioritize cybersecurity measures and invest in securing their systems against threats. A proactive and layered approach to cybersecurity is necessary, including regular security assessments, vulnerability testing, and employee training on security best practices. Ecosystem partners must collaborate, ensuring they share information on emerging threats and establish security controls jointly. It is also essential to adopt a zero-trust approach to security, where all users and devices are treated as untrusted until they are authenticated, fully understood, and authorized. Finally, it is essential to establish and strictly follow international norms of responsible state behavior in cyberspace.