Mutual throwing at the fan in the field of infosec between the United States and China, represented by their leading information security vendors, is reaching a new level.
Earlier last month, SentinelOne published a report in which it wrote with a grin how China fails to attribute cyber attacks to the United States and reproached for constant links in its reports to old incidents.
After that, the Chinese Antiy responded to the SentinelOne report with a deeper assessment of the hostile cyberactivity of American companies from a technical point of view, attributing their attacks (including Stuxnet) in retrospect and connections with special services quite tightly and thoroughly.
And in order to finally wipe the nose and "at the request of TV viewers" from SentinelOne, the Chinese side, represented by the national CERT, rolled out a report (PDF) attributing Volt Typhoon to the activities of a group called Dark Power.
In their opinion, the United States carried out a cunning propaganda operation with the creation and promotion of the Volt Typhoon threat cluster, the aggressive image of which was imposed on China in many recent information security reports.
The purpose of the fraud is to "kill two birds with one stone at once", inflating the "theory of a global Chinese threat" for the national and other CII and inciting the US Congress to allocate appropriate appropriations.
It all started in May 2023, when the Five Eyes cybersecurity authorities rolled out a message about the discovery of allegedly pro-Chinese ART.
For confirmation, Microsoft was involved, which released the necessary report, which was then replicated by major Western media such as Reuters, the Wall Street Journal and the New York Times.
Later, Lumen Technologies also joined, also linking the KV botnet with Volt Typhoon.
All the companies involved in infosec after this feint received fat state contracts and project financing.
Of course, they forgot about clear attribution.
But Chinese researchers did not, they were able to expose the mentioned attacks and correlate them with cybercriminals from Dark Power, which ThreatMon previously reported in its report.
According to them, the group was active long before the events of 2023 and was involved in incidents in Algeria, Egypt, the Czech Republic, Turkey, Israel, Peru, France and the United States.
Thus, according to the Chinese side, "tracking cyber attacks" has essentially become a tool in the hands of the United States to politicize information security issues and exert international pressure on the PRC, which, in turn, called the United States*the largest source of cyber attacks and the greatest threat to overall cybersecurity.
Earlier last month, SentinelOne published a report in which it wrote with a grin how China fails to attribute cyber attacks to the United States and reproached for constant links in its reports to old incidents.
After that, the Chinese Antiy responded to the SentinelOne report with a deeper assessment of the hostile cyberactivity of American companies from a technical point of view, attributing their attacks (including Stuxnet) in retrospect and connections with special services quite tightly and thoroughly.
And in order to finally wipe the nose and "at the request of TV viewers" from SentinelOne, the Chinese side, represented by the national CERT, rolled out a report (PDF) attributing Volt Typhoon to the activities of a group called Dark Power.
In their opinion, the United States carried out a cunning propaganda operation with the creation and promotion of the Volt Typhoon threat cluster, the aggressive image of which was imposed on China in many recent information security reports.
The purpose of the fraud is to "kill two birds with one stone at once", inflating the "theory of a global Chinese threat" for the national and other CII and inciting the US Congress to allocate appropriate appropriations.
It all started in May 2023, when the Five Eyes cybersecurity authorities rolled out a message about the discovery of allegedly pro-Chinese ART.
For confirmation, Microsoft was involved, which released the necessary report, which was then replicated by major Western media such as Reuters, the Wall Street Journal and the New York Times.
Later, Lumen Technologies also joined, also linking the KV botnet with Volt Typhoon.
All the companies involved in infosec after this feint received fat state contracts and project financing.
Of course, they forgot about clear attribution.
But Chinese researchers did not, they were able to expose the mentioned attacks and correlate them with cybercriminals from Dark Power, which ThreatMon previously reported in its report.
According to them, the group was active long before the events of 2023 and was involved in incidents in Algeria, Egypt, the Czech Republic, Turkey, Israel, Peru, France and the United States.
Thus, according to the Chinese side, "tracking cyber attacks" has essentially become a tool in the hands of the United States to politicize information security issues and exert international pressure on the PRC, which, in turn, called the United States*the largest source of cyber attacks and the greatest threat to overall cybersecurity.
