Chinese Government Alters Threat Database Records

In episode 29 of this podcast we heard from Dr. Bill Ladd, chief data scientist at Recorded Future, about the differences between the U.S. and Chinese cyber threat vulnerability reporting systems. He pointed out the difference in speed of publishing between the two, with the Chinese generally being faster, as well as their conclusion that the Chinese National Vulnerability Database (CNNVD) is essentially a shell for the Chinese MSS, the Ministry of State Security. This being the case, there’s evidence that the Chinese evaluate high-threat vulnerabilities for their potential operational utility before releasing them for publication.

Since then, researchers at Recorded Future have taken another look at the CNNVD and discovered the outright manipulation of publication dates of vulnerabilities. Priscilla Moriuchi is director of strategic threat development at Recorded Future and, along with Dr. Bill Ladd, she’s coauthor of their research analysis, “China Altered Public Vulnerability Data to Conceal MSS Influence.” She joins us to discuss their findings, and their broader implications.

This podcast was produced in partnership with the CyberWire and Pratt Street Media, LLC.

The post Chinese Government Alters Threat Database Records appeared first on Recorded Future.

Article Link: https://www.recordedfuture.com/podcast-episode-47/