Malicious Behavior Prevention
Sichuan Silence Information Technology Co Ltd… has been under investigation during a Meta Platforms disinformation network removal effort and is now sanctioned along with an indicted employee Guan Tianfeng. Following Facebook and Twitter claims by an already investigated (fake) Swiss biologist “Wilson Edwards” promoted pressuring the World Health Organization in a viral advertisement campaign linking the United States with COVID-19 conspiracies. The details according to Reuters include UK-based firm Sophos as having system-wide router networks that were targeted by the Chengdu-based security company, today December 10, 2024 from Washington.
Back in October 2024 University of Electronic Science and Technology of China was reported by Wired that the UK-firm and Microsoft were targeted for years by hacker groups using Advanced Persistent Threats (APT) known in-house as Volt Typhoon, also known as Vanguard Panda or VOLTZITE among other names.
What is particularly interesting about the indictment involving 80,000 firewalls, including 36 protecting critical infrastructure located in the United States, is the purpose of the cyberwarfare by China. Protecting vulnerabilities in an online ecosystem comes with shared interests and allows me to look at the viral etymology of their purpose – a similar goal I shared in my introductory microbiology course identifying bacteria.
The Volt Typhoon listing located at Wikipedia lists the names of the malware disambiguated by utility. Dev-0391/Storm-0391 by Microsoft, BRONZE SILHOUETTE by Secureworks, a subsidiary of Dell, Insidious Taurus by Palo Alto Networks Unit 42, Redfly by Gen Digital, formerly Symantec, UNC3236 by Mandiant, a subsidiary of Google, VANGUARD PANDA by CrowdStrike and VOLTZITE by Dragos, assumingly Double Dragon (hacking group).
Without going too much into technical details, vulnerabilities in the Sophos ShadowPad Loader utility were already widely known as early as July, earlier in the year 2024. The groups referring to the same threat vector by the nomenclature would naturally form a subgroup or at least a vector to communicate by the protected vulnerability against its exploitation, an active threat anomaly formed in 2021-at least. Infrastructure targeted emphasize communications.
Configurations established in-place by the APT conjure to mind images of how my personal devices would be affected by bad actors. Would my voice and image, physical data or psychological personality be attacked using my most intimate devices? Does backdoor access to my ‘face data’ allow for ethical hackers to simulate my likeness making server-side user changes? Might my identity need be verified by an artificially intelligent process run manually, say in a virtual meeting on a schedule? Will my fitness watch give a 3D-avatar on Google Maps an actual heartbeat, already mapping out a 3D-mocked immediacy?
I’m already on the defensive in my real-life identity attacked, kind of like an exploit. I could write the book in self-actualization with what I mean, but online I feels like office. Building private networks native makes me feel like a little group of its own and researching backup, failover clusters in energy-dependent security.