The requested article has expired, and is no longer available. Any related articles, and user comments are shown below.
© Copyright 2021 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.Microsoft: Russia behind 58% of detected state-backed hacks
By FRANK BAJAK BOSTON©2024 GPlusMedia Inc.
9 Comments
Login to comment
Skeptical
Here is a link to the MS blog (executive summary): https://blogs.microsoft.com/on-the-issues/2021/10/07/digital-defense-report-2021/ .
And a link to the report: https://www.microsoft.com/en-us/security/business/microsoft-digital-defense-report?rtc=1 .
Skeptical
And the 134 page PDF is at this URL: https://go.microsoft.com/fwlink/p/?LinkID=2173952&clcid=0x409&culture=en-us&country=US .
Sal Affist
It's a national industry and whole-of-government effort. North Korea is the same - hacking and ransomware bring in resources. China and Iran's hackers aren't in it for the money.
albaleo
Thanks for the link, Skeptical.
I'm wondering how they determine what is a "nation state" action as opposed to a private action of some kind. I couldn't find that info in the document, but I may have missed it as I only skimmed through it. Does anyone know?
Desert Tortoise
China's are. After they get the information the government wants their hackers are allowed to mount ransomware and other types of attacks for their personal profit. This is a recent change.
Desert Tortoise
The good cyber security organizations such as Fireeye (formerly known as Mandiant) can often identify individual hackers by name and who they work for. An example is a Fireeye report on what they called APT-1, for Advanced Persistent Threat 1. They were able to determine APT-1 is a particular unit of the Peoples Liberation Army and their workplace in the Pudong New Area of Shanghai. They were able to positively identify one of the hackers by name and seemed to know a lot about his habits. They identify another couple of hackers too. People are creatures of habit and have knowable hacking styles that identify them. The best cyber security organizations can often hack the hackers and infiltrate their systems to learn about them, even use their computer camera's and microphones while they are hacking. That report on APT-1 has video screen shots showing the Chinese hacking their customer's system in real time.
https://www.mandiant.com/resources/mandiant-exposes-apt1-chinas-cyber-espionage-units
lostrune2
People gotta remember - the security experts who track these hacks are as smart as the hackers
It's an arms race - there are very smart people on both sides
Skeptical
Using Polonium 210 pellets is so passé! Today's candidate for "Hero of the Motherland" must be a tech-enabled hacker to get promoted!