March has been a month of concern for those in the cyber security community following revelations of extensive hacking campaigns carried out by state-backed groups.
In the latter part of the month, it was reported that APT 31, a Chinese state-backed threat group, had accessed information on tens of millions of UK voters in a breach of the Electoral Commission. Threat actors had also targeted US politicians and businesses.
What can we learn from the breach and how can organizations protect themselves against future state-backed threats?
In this episode, Jane and Rory welcome back Ross Kelly, ITPro’s news and analysis editor, to explore the month’s cyber security developments.
Highlights
“APT31 is a Chinese state-linked threat group, it’s highly active, highly aggressive in its tactics, and it’s been known to target a wide variety of public and private sector organizations.”
“It’s very much indicative of the increasingly interwoven nature of public sector and private sector, third-sector, government, in terms of how our economies work today. If you have an attack on, say, a private enterprise how many times have we seen government departments in the US, for example, impacted by that, and vice versa? It’s both a political and financial minefield for governments and private enterprises themselves.”
“[Phishing] is still something that threat actors are using extensively, because it’s so effective. That’s where education comes into the equation: enterprises, whether in the public sector or private sector, educating and informing staff, to be able to look out for telltale signs is critical. ”
