So tell me again...
... Ms Rudd, about how weakened encryption with 'secret' (at least, according to some government definition of 'secret') backdoors is a really, really good idea.
UK companies are being targeted by a China-based global hacking group dubbed APT10. The Operation Cloud Hopper campaign focuses on managed service providers (MSPs) which, when successful, gives the APT10 hackers access to their intellectual property, sensitive data, and global clients. A number of Japanese organisations have …
I dont doubt the attribution here - a surprising amount of effort goes into this and it is quite different from what Wikileaks wants to allude.
However, this is pretty useless.
If I sum up the press release cum talking heads article, it basically says "foreign, possibly nation state but at least well resourced, attackers are trying to get data and sometimes succeed."
Where are the IoCs? Where is the actionable value? What can anyone do with this information?
The IoCs were published last week on CISP. Full report with data in it is here https://www.pwc.co.uk/issues/cyber-security-data-privacy/insights/operation-cloud-hopper.html. NCSC guidance is here https://www.ncsc.gov.uk/information/global-targeting-enterprises-managed-service-providers
This post has been deleted by its author
People can't get in through the front door so they hit the Tradesmen's Entrance.
And why hit one company when you can hit the company that supports multiple targets.
Wasn't one of the touted benefits of using an MSP that it can justify decent security, proper patch management, comprehensive backups?
Biting the hand that feeds IT © 1998–2021