Government Hackers Are Leading the Use of Attributed Zero-Days, Google Says (techcrunch.com) 2
Hackers working for governments were responsible for the majority of attributed zero-day exploits used in real-world cyberattacks last year, per new research from Google. From a report: Google's report said that the number of zero-day exploits -- referring to security flaws that were unknown to the software makers at the time hackers abused them -- had dropped from 98 exploits in 2023 to 75 exploits in 2024.
But the report noted that of the proportion of zero-days that Google could attribute -- meaning identifying the hackers who were responsible for exploiting them -- at least 23 zero-day exploits were linked to government-backed hackers. Among those 23 exploits, 10 zero-days were attributed to hackers working directly for governments, including five exploits linked to China and another five to North Korea.
But the report noted that of the proportion of zero-days that Google could attribute -- meaning identifying the hackers who were responsible for exploiting them -- at least 23 zero-day exploits were linked to government-backed hackers. Among those 23 exploits, 10 zero-days were attributed to hackers working directly for governments, including five exploits linked to China and another five to North Korea.
Shocked! Shocked I say! (Score:2)
To think that government employees would do their jobs! Using previously undisclosed software vulnerabilities to hack systems!
That's! ...that's ...er ...that's expected.
Spies gonna spy.
Why only now do we understand? (Score:2)
Or do we yet understand this is an evolution of warfare. Cyber weapons, states attacking the populations, assymetrical warfare at its logical development.
It will get worse. Doubtful we can prevent real damage to individuals.