This week, it was widely reported that Chinese hackers remotely accessed US Treasury workstations.

Hybrid (cyber-based) warfare is the name of the game in 2025, and we’re increasingly seeing nation-state-backed cyber-attacks used for intelligence gathering, including to gain a competitive edge by leapfrogging traditional R&D through the acquisition of intellectual property and trade secrets from Western organisations.

This discovery highlights the huge challenge posed by advanced persistent threats (APTs), particularly those backed by nation states. These attacks, often focused on espionage, deploy highly sophisticated and stealthy tactics, making them significantly more difficult to detect.

The incident reflects two recurring vulnerabilities: supply chain risk and weaknesses in remote access software, both frequent avenues for financially motivated cybercriminals. However, no system, vendor, or supply chain is immune to compromise, and once a breach occurs, even robust IT security measures can be circumvented. This incident highlights the importance of monitoring for and detecting unauthorised activity to mitigate the impact of a cyber event, recognising that preventative measures can only take organisations so far. Accepting that a security incident is a matter of when, not if, is a critical mindset change that all organisations need to make.