Microsoft thinks China could be stockpiling cybercrime threats

China recently changed its laws to enable flaw hoarding

China is hoarding a host of undisclosed security vulnerabilities to later use against its adversaries in the West, Microsoft has claimed.

In a recent report, the company noted that China has recently changed its laws to allow the government to keep newly discovered flaws away from the public eye. That way, it would be able to use them later against vulnerable endpoints, when the right time comes.

China introduced a new law in 2021 that said whenever an organization discovered a flaw, it must first report it to local authorities before going public, The Register reminds. A year later, the Atlantic Council reported on the results of the change - namely that vulnerability reports originating from China were declining, while anonymous reports were on the rise.

“Particularly proficient” threat actors

“The increased use of zero days over the last year from China-based actors likely reflects the first full year of China’s vulnerability disclosure requirements for the Chinese security community and a major step in the use of zero-day exploits as a state priority,” Microsoft argues.

The Redmond giant also said Chinese threat actors were “particularly proficient” at discovering and using zero-day vulnerabilities.

Microsoft’s report did not focus exclusively on China, though, as the 114-page document also covers Russia, Iran, and North Korea. For Russia, the document focused on the most obvious thing - the country’s “relentless targeting” of the Ukrainian government and the country’s critical infrastructure, as part of a wider war effort against its southwestern neighbor. Iran, meanwhile, “aggressively” sought inroads into US critical infrastructure such as port authorities.

North Korea, on the other hand, was observed continuing with its campaign of stealing cryptocurrency from financial and technology companies to continue funding the government’s operations.

“Although nation-state actors can be technically sophisticated and employ a wide variety of tactics, their attacks can often be mitigated by good cyber hygiene,” Microsoft concluded. “Many of these actors rely on relatively low-tech means, such as spear-phishing emails, to deliver sophisticated malware instead of investing in developing customized exploits or using targeted social engineering to achieve their objectives.”

Via: The Register

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
