China has been identified as the leading nation in government-backed exploitation of zero-day vulnerabilities, according to a report released by Alphabet Inc.’s GOOG GOOGL Google.
What Happened: The Google report, published on Wednesday, revealed that China’s cyber espionage groups exploited 12 zero-day vulnerabilities in 2023, a notable increase from the seven in 2022.
This trend is indicative of a broader global surge in zero-day exploits. In 2023, 97 vulnerabilities were exploited, a 50% increase from the previous year but still below the record set in 2021.
“The People's Republic of China (PRC) continues to lead the way for government-backed exploitation. PRC cyber espionage groups exploited 12 zero-day vulnerabilities in 2023, up from seven in 2022, more than we were able to attribute to any other state and continuing a trend we've observed for multiple years,” the report stated.
James Sadowski, principal analyst at Mandiant Intelligence, noted that attackers have shifted their focus to third-party components and libraries, as exploiting these vulnerabilities can have a widespread impact.
The report also highlighted a 64% increase in the exploitation of enterprise-specific technologies in 2023, with a general rise in the number of targeted enterprise vendors since 2019.
Despite the overall increase in zero-day exploits, the proportion of financially motivated actors decreased in 2023. “Financially motivated actors accounted for 10 zero-day vulnerabilities exploited in 2023, a lower proportion of the total than what we observed in 2022,” the report stated.
Subscribe to the Benzinga Tech Trends newsletter to get all the latest tech developments delivered to your inbox.
However, the report highlighted threat group FIN11, saying it “exploited three zero-day vulnerabilities,” while at least four ransomware groups separately milked another four vulnerabilities.
Why It Matters: The report’s findings align with the recent global concerns over China’s cyber activities.
Last month, Federal Bureau of Investigation or FBI director Christopher Wray warned that China’s covert placement of offensive malware in U.S. critical infrastructure networks posed a significant national security threat. This was followed by a crackdown on a widespread Chinese cyber espionage effort, known as Volt Typhoon, by the U.S. in January.
Earlier this week, Australia and New Zealand united to accuse China of orchestrating cyberattacks on democratic institutions.
On Tuesday, New Zealand’s foreign minister, Winston Peters, denounced the “malicious cyber activity” directed at the country’s parliament in 2021, linking these attacks to entities allegedly supported by the Chinese government.
Australia has also denounced China’s purported cyber assaults aimed at U.K. democratic entities and lawmakers. The nation’s foreign affairs minister voiced apprehension regarding the ongoing targeting of democratic institutions and procedures.
Check out more of Benzinga's Consumer Tech coverage by following this link.
Disclaimer: This content was partially produced with the help of Benzinga Neuro and was reviewed and published by Benzinga editors.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
