March has been a month of concern for members of the cybersecurity community following revelations of extensive hacking campaigns carried out by state-backed groups.
At the end of the month, it was reported that APT 31, a Chinese state-backed threat group, had accessed information on tens of millions of UK voters in breach of the Electoral Commission. Threat actors had also targeted American politicians and companies.
What can we learn from the breach and how can organizations protect themselves against future state-backed threats?
In this episode, Jane and Rory welcome Ross Kelly, ITPro's news and analysis editor, to explore the month's cybersecurity developments.
Reflexes
“APT31 is a threat group linked to the Chinese state, it is very active, very aggressive in its tactics and is known to target a wide variety of public and private sector organizations.”
“It is very indicative of the increasingly intertwined nature of the public sector and the private sector, the third sector and government, in terms of how our economies function today. If, say, a private company is attacked, how many times have we seen government departments in the United States, for example, affected by that, and vice versa? It is both a political and financial minefield for governments and private companies themselves.”
“[Phishing] It's still something that threat actors use widely because it's so effective. That's where education comes into the equation: for businesses, whether in the public or private sector, educating and informing staff so they can be on the lookout for telltale signs is essential. “