Tom Uren
Western cybersecurity agencies are co-authoring reports with an increasing number of overseas agencies into Chinese cyber activity. And China doesn’t seem to like it.
The Australian Signals Directorate (ASD) last week issued an advisory co-authored with German, Korean, and Japanese intelligence; cybersecurity and law enforcement agencies; as well as the standard Five Eyes agencies that regularly contribute to advisories. The advisory documented two successful compromises of Australian organizations and resulting investigations by the Australian Cyber Security Centre (ACSC). The agencies attributed the compromises to APT40, a People’s Republic of China (PRC)-sponsored group that operates on behalf of the Ministry of State Security (MSS). The report documents what it calls a “notable” shift in tradecraft, away from using hacked websites for command and control to using compromised small office/home office devices to relay communications.
There is only a tiny amount of information in the report that could be ascribed to organizations other than ASD. The corralling of international agencies as authors is all about presenting a united front against Chinese cyber operations.
China, however, is pushing back by issuing its own reports on purported U.S. activity or attempting to cast doubt on reports into its own behavior.
No comments:
Post a Comment