БЛОГ

Nov 9, 2024

US ‘false flag’ operations pollute global cyberspace

Posted by in categories: cybercrime/malcode, governance, internet

Illustration: Liu Rui/GT

China on Monday released its third report on the “Volt Typhoon” investigation. The report not only provides critical new information but also delivers a clearer message to responsible stakeholders concerned with global cyberspace security and governance: A previously underappreciated threat must be taken seriously. This threat originates from US intelligence agencies and security bodies, which, possessing superior technological capabilities, engage in “false flag” operations — activities carried out to deliberately conceal the true origin of cyberattacks while falsely attributing responsibility to someone else, particularly an opponent. To serve their own interests, these organizations openly or tacitly collaborate with high-tech companies.

The Marble Framework mentioned in the latest investigative report was first exposed in 2017 when WikiLeaks claimed to have obtained information from inside the CIA’s Center for Cyber Intelligence. Developed by the CIA as an anti-forensics tool, the primary function of the Marble Framework is to obscure and disguise the true origins of cyberattacks, making it difficult to trace these attacks back to the actual perpetrators. The Marble Framework employs string obfuscation to hide textual information within the malware, as this text often provides forensic experts with clues to identify the developer or country of origin behind the malicious software.

Leave a reply