NATO has been urged to step up attribution in order to better combat state-sponsored threat actors, The Hill reports.
Malicious attackers should be made accountable by NATO for their covert cyber operations, according to Merle Maigre, a senior fellow at the Center for European Policy Analysis."
Attribution is a good way to make clear to malicious actors that their actions will be seen and will be addressed," said Maigre at The German Marshall Fund-hosted virtual roundtable meeting.Maigre also said that attribution would indicate policymakers' increased knowledge about network intrusions that would improve attack investigations.
Moreover, the public would also be more accepting of needed cybersecurity measures if they have a greater awareness of existing cybersecurity threats. However, credible evidence is crucial prior to effective attribution of cyberattacks, she said.
”I firmly believe that attribution is only as good as the information that the allies are willing to share," added Maigre.
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.