Chinese hackers disguised themselves as Iran to target Israel

The only obvious countermove to this problem is to try putting investigators off the trail by going after targets that aren’t really of interest. But that causes its own issues—raising the volume of activity vastly increases the chances of getting caught—which raises a Catch-22 dilemma for the hackers.  


The fingerprints left by the attackers were enough to eventually convince Israeli and American investigators that the Chinese group, not Iran, was responsible. The same hacking group has prior form, having used similar deceptive tactics before. In fact, it may even have hacked the Iranian government itself in 2019, adding an extra layer to the deception. 


It is the first example of a large-scale Chinese hack against Israel, and comes in the wake of a set of multibillion-dollar Chinese investments into the Israeli tech industry. They were made as part of Beijing’s Belt and Road Initiative, an economic strategy meant to rapidly expand Chinese influence and reach clear across Eurasia to the Atlantic Ocean. The United States warned against the investments on the grounds that they would be a security threat. The Chinese Embassy in Washington, D.C., did not immediately respond to a request for comment.


Misdirection and misattribution


UNC215's attack on Israel was not particularly sophisticated or successful, but it shows how important attribution—and misattribution—can be in cyberespionage campaigns. Not only does it provide a potential scapegoat for the attack, but it also provides diplomatic cover for the attackers: When confronted with evidence of espionage, Chinese officials regularly attempt to undermine such accusations by arguing that it is difficult or ev ..
