Tom Uren
Sven Herpig[Chinese] APTs Behaving Badly
"We'd describe 'acceptable behaviour' as being targeted at national security rather than economic interests, carrying out proportionate operations and avoiding unnecessary harm to third parties. Many cyber actors, including the US and allies, generally adhere to these behaviours, but others, including Chinese actors, do not."
[...]
"Mass deployment of malware is unacceptable because it causes unnecessary collateral damage — not the done thing for a responsible state program. To make matters worse, once Sophos had cottoned on to the intrusions, Guan and his colleagues allegedly altered their malware to make it more damaging, in a kind of scorched earth policy. If victims attempted to remove the malware, it would deploy encryption from the Ragnarok ransomware variant. We have no idea why attackers would do this or what benefit they would get from torching their victims’ infrastructure.."
Via @tomatospy - https://news.risky.biz/fcc-to-demand-telcos-improve-security/
FCC to Demand Telcos Improve Security
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Proofpoint. You can hear a podcast discussion of this newsletter by searching for