March rundown: The return of state-backed hacking campaigns

Features
By
published

A major attack on the electoral commission raised concerns for the security capabilities of public and private organizations

The words ‘March rundown: The return of state-backed hacking campaigns’ overlaid on a lightly-blurred image of a world map with red blotches, lit dimly. Decorative: the words ‘state-backed hacking campaigns’ are in yellow, while other words are in white. The ITPro podcast logo is in the bottom right corner.
(Image credit: Future / Unsplash - Martin Sanchez)

March has been a month of concern for those in the cyber security community following revelations of extensive hacking campaigns carried out by state-backed groups.

In the latter part of the month, it was reported that APT 31, a Chinese state-backed threat group, had accessed information on tens of millions of UK voters in a breach of the Electoral Commission. Threat actors had also targeted US politicians and businesses. 

What can we learn from the breach and how can organizations protect themselves against future state-backed threats?

In this episode, Jane and Rory welcome back Ross Kelly, ITPro’s news and analysis editor, to explore the month’s cyber security developments.

Highlights

“APT31 is a Chinese state-linked threat group, it's highly active, highly aggressive in its tactics, and it's been known to target a wide variety of public and private sector organizations.”

RELATED WEBINAR

Orange background and white text that says Generative AI Security: Balancing the risks and rewards of using AI

(Image credit: Cloudflare)

Integrate AI into applications while minimizing its risk

“It's very much indicative of the increasingly interwoven nature of public sector and private sector, third-sector, government, in terms of how our economies work today. If you have an attack on, say, a private enterprise how many times have we seen government departments in the US, for example, impacted by that, and vice versa? It's both a political and financial minefield for governments and private enterprises themselves.”

“[Phishing] is still something that threat actors are using extensively, because it's so effective. That's where education comes into the equation: enterprises, whether in the public sector or private sector, educating and informing staff, to be able to look out for telltale signs is critical. ”

Footnotes

Subscribe 

Rory Bathgate
Rory Bathgate
Features and Multimedia Editor

Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.

In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.