
Gavin Knapp, cyber threat intelligence lead at Bridwell, a supplier of critical network infrastructure to the UK government, supported the seriousness of this approach. He said, “It’s as if when a device is compromised, the only way to really be sure there are no remains or unknown backdoors is to restore the asset to a known good state. In the physical realm, especially in a data center, it is more difficult to clear and verify the presence of any persistent threat actor/spy, and the effort required to treat or eliminate the risk at the state secret level is greater in reducing the risk. The amount of effort and cost required is at an acceptable level.”
It is unclear how the data hub was compromised. “The main point of entry may be the VPN, as is common with Chinese actors, but if they have already moved into the environment and have elevated privileges, the impact will be widespread,” said Martin Riley, Bridwell’s CTO.
Riley said that while the government said it had found another way to protect the data, it likely had fixed a vulnerability “after responding to the incident to understand the depth of the breach and how it was initially accessed.”

