Intelligent CISO Issue 40 - Page 24

threat updates
1

1

US / CHINA
The US government has formally attributed the Microsoft Exchange hack to China . It has released an indictment that identifies four APT40 operators as working with China ’ s Ministry of State Security . In response to this move , Ben Read , Director of Analysis , Mandiant Threat Intelligence , said : “ The statements by multiple governments naming the People ’ s Republic of China as responsible for the widespread exploitation of Microsoft Exchange servers in the spring is consistent with Mandiant ’ s previous findings .
“ The indictment highlights the significant threat to multiple businesses from Chinese espionage . The group ’ s focus on biomedical research shows that emerging technologies are still a key target for Chinese espionage . Alongside that , the theft of negotiating strategies underscores the risk posed to all companies doing business with China , not just those with high value intellectual property .”

2

EUROPE
Leading retail giant , IKEA , has apologised for infringing the data privacy of its employees in France after it was fined € 1 million .
IKEA France said that the incident – where the retailer was found guilty of collecting staff members ’ private data – ‘ seriously undermined the values and ethical standards of the company ’. Following the incident , which occurred in 2012 , IKEA France put in place an action plan to prevent such practices , which still exists today .
24 www . intelligentciso . com