n an “unprecedented” joint call by the Five Eyes on Tuesday, the intelligence chiefs of the countries accused China of intellectual property theft and using AI for hacking and spying against its nations and called for private industry and academia to help counter those threats.
“China has long targeted businesses with a web of techniques all at once: cyber intrusions, human intelligence operations, seemingly innocuous corporate investments and transactions. Every strand of that web had become more brazen, and more dangerous,” FBI Director Christopher Wray said.
The FBI and the White House sent a warning Tuesday about how technology is being used dangerously, calling it the “new Cold War.”
“Because back in the day, it was more, ‘can I put more bombs and more missiles that point to you?’ Whereas these days it’s truly digital, where the information is, and also the spy component,” said Wray.
This meeting comes shortly after the Biden administration issued new restrictions on companies exporting AI technology to China and other countries.
Despite China having a bigger hacking program than that of every other nation combined, the Chinese government spokesman Liu Pengyu said the country was committed to intellectual property protection and denied the “groundless” allegations.
Ted Miracco, CEO, Approov Mobile Security had this comment:
“Statements from the intelligence communities at the Five Eyes countries are a positive recognition of the persistent threat of Chinese espionage. However, this escalation is coming years, perhaps decades, after we had known about the blatant theft of intellectual property from China.
“As open societies, we face significant challenges in competing against a closed society like China in the field of AI. China has a centralized governance structure, which gives it access to a large amount of diverse and centralized data, without a lot of ethical restrictions on how it will be used. In contrast, the Five Eyes countries face challenges in accessing similar volumes and types of data due to privacy concerns and legal frameworks that prioritize individual rights. China has also been aggressively investing in AI research and development, leading to a significant pool of talented scientists, engineers, and researchers.
“The Five Eyes countries have well-established innovation ecosystems, including leading universities, research institutions, and a vibrant private sector that fosters a culture of innovation which can lead to breakthroughs in AI technologies. However, the question that remains is can open societies capitalize on these innovations, safeguard individual freedoms, and protect their valuable IP over the long term?”
David Mitchell, Chief Technical Officer, HYAS follows with this comment:
“The PRC has been a cyber concern for as long as I can remember but has grown to become an existential threat over the last few years. The sheer number of motivated hacking teams, the scale of the toolsets and the coordination are unlike anything we’ve ever seen — and add AI to the equation and we have a serious problem. The private sector is not equipped to deal with such skilled nation state teams for a variety of reasons — a lack of network visibility, disjointed security platforms and understaffed organizations.
“Without improvements in our security posture, products, and response, along with coordination between the private sector and government, it is hard to see this threat dissipating anytime soon.”
While China isn’t the only state actor that is out to steal all the IP that it can get, it is the biggest. Thus the threat that China poses must be taken seriously, along with doing everything possible to stop them from profiting from their desire to steal all the IP that they can.
US Agencies & Five Eyes Reveal 2023 Top Exploited Vulnerabilities
Posted in Commentary with tags Five Eyes on November 14, 2024 by itnerdIn a joint advisory published yesterday, the FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance released a list of the top 15 exploited vulnerabilities in 2023.
“Network defenders should pay careful attention to trends and take immediate action to ensure vulnerabilities are patched and mitigated. Exploitation will likely continue in 2024 and 2025,” the agencies say.
The report warned that in 2023, “malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets.”
It also revealed that 12 out of the top 15 vulnerabilities actively abused in the wild were addressed last year, aligning with the agencies warning that threat actors focused their attacks on zero-days.
A code injection vulnerability in NetScaler ADC / Gateway that enables bad actors to gain remote code execution on unpatched servers, took the top spot after state hackers abused it to breach U.S. critical infrastructure organizations.
By early August 2023, this security flaw had been leveraged to backdoor at least 640 Citrix servers worldwide and over 2,000 by mid-August.
Evan Dornbush, former NSA cybersecurity expert had this to say:
While the recommendation to patch is sage advice, it won’t have a material impact against sophisticated attackers who are increasingly reliant on zero days to gain initial access, per the joint advisory.
Instead of waiting for attackers to come at them with zero days, finding novel ways to raise the cost of conducting criminal operations would, however, produce a desirable effect. Sophos did this in its Pacific Rim project, which burned several months of effort – exploits, implants, and infrastructure – quite brilliantly. It’s time for businesses in all industries to pursue new options that disrupt the lucrative nature of criminal operations.
Patching isn’t perfect. But it is part of the solution. Things like vulnerability testing, penetration testing, tabletop exercises, and strengthening defences have to be part of the conversation. Because security has to be a holistic solution.
Leave a comment »