Security News > 2022 > May > False-flag cyberattacks a red line for nation-states, says Mandiant boss

False-flag cyberattacks represent a red line that even nation states like Russia and China don't want to cross, according to Mandiant CEO Kevin Mandia.

"It's one of the last rules of the playground that a modern nation may not want to break because they don't want everyone doing false flags," he said, speaking on a panel this week at Vanderbilt University's Summit on Modern Conflict and Emerging Threats.

"People worry about false flags," NSA director of cybersecurity Rob Joyce said, adding that "I don't know of a big one" that has been successful.

While attributing a cyberattack to a particular crime group or nation state with 100 percent confidence "Is absolutely hard," any cybercriminal operation has its preferred tactics, techniques, and procedures for breaking and entering as well as its own unique malware, he noted.

In addition to sowing general chaos, and ensuring escalation in a cyber conflict, there's another reason why nation states aren't willing to cross the red line of false-flag operations.

As the US pushes nations including Russia to hold its cybercriminals accountable, having its own vigilantes volunteering in the so-called IT Army to launch cyberattacks against Moscow doesn't help, Joyce added.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/05/07/false_flag_attacks/