Cyber Warfare

CNN
Date: February 20, 2019
By Jethro Mullen, CNN Business

Hong Kong (CNN Business)Hackers in China have significantly stepped up attacks on US companies as the two countries have clashed over trade and technology.

Top cybersecurity firm CrowdStrike saw “a big resurgence” last year in efforts by China-based groups to break into the systems of American businesses for commercial gain — a trend that “shows no sign of stopping,” said Michael Sentonas, the company’s vice president of security technology.

The spike in attacks on US targets — which include telecom operators, pharmaceutical firms and hotel chains — is “likely tied to increased tensions between the two countries,” CrowdStrike said in a report published Tuesday.

Chinese attacks on US companies had fallen away in recent years after the two governments agreed in 2015 not to conduct cybertheft of trade secrets and intellectual property against one another for commercial gain. That drop-off now “appears to have been reversed,” CrowdStrike said.    [FULL  STORY]

BBC News
Date: 20 February 2019
By Gordon CoreraSecurity correspondent

Image copyrightREUTERS
Huawei has said it is independent and gives nothing to Beijing, aside from taxes

The UK is vulnerable to Chinese influence and interference, according to a defence and security think tank.

A report from the Royal United Services Institute (Rusi) said it would be “naive” and “irresponsible” to allow Chinese tech giant Huawei to access the UK’s telecommunications system.

The UK is currently reviewing whether to allow the company to build new 5G phone networks.

A spokesperson for the Chinese embassy said the claims were “scaremongering”.

The report, written by Charles Parton, a former British diplomat who spent most of his 30 year career working on China, said that if Huawei was allowed to participate in the rollout of the new 5G mobile networks it could install a “hidden backdoor”, giving the Chinese government access to the system.

It also warned of the risk of interference in other areas including academia, politics and technology.    [FULL  STORY]

Chinese hackers allegedly grabbed missile defense plans.

The National Interest
Date: February 17, 2019
By: War Is Boring

A cybersecurity firm reports that Chinese hackers have stolen technical data for the Iron Dome rocket-defense system from Israeli computers.

Maryland-based Cyber Engineering Services detected the cyber burglary, according to cybersecurity writer Brian Krebs.

“Between Oct. 10, 2011 and Aug. 13, 2012, attackers thought to be operating out of China hacked into the corporate networks of three top Israeli defense technology companies, including Elisra Group, Israel Aerospace Industries, and Rafael Advanced Defense Systems,” Krebs writes.

“By tapping into the secret communications infrastructure set up by the hackers, CyberESI determined that the attackers exfiltrated large amounts of data from the three companies,” he continues.

“Most of the information was intellectual property pertaining to Arrow III missiles, Unmanned Aerial Vehicles, ballistic rockets and other technical documents in the same fields of study.”    [FULL  STORY]

ADVERTISING

inRead invented by Teads

Report Advertisement
CyberESI believes the culprits were the “Comment Crew,” a hacking group sponsored by the Chinese military. Mandiant, a Virgina-based cybersecurity firm, has further identified this group as “the 2nd Bureau of the People’s Liberation Army General Staff Department’s 3rd Department, which is most commonly known by its Military Unit Cover Designator as Unit 61398.”

New Zealand academic says Chinese intimidation tactics she has studied are now being used against her

The Guardian
Date: 22 Jan 2019
By: Eleanor Ainge Royin

China academic Anne-Marie Brady says the harassment has put a strain on her family life. Photograph: Kevin Frayer/Getty Images

It’s just gone midday at Canterbury University and Professor Anne-Marie Brady is rock-hopping across a crystal clear stream.

The life-long academic takes an overgrown bush track to reach the Okeover community gardens, her eyes scanning the sky for native birds. It’s the height of summer in Christchurch and the garden is filled with rhubarb plants, clumps of chewy spinach and spring onions whose tips have turned white in the sun.

“I used to spend a lot of time here,” says Brady, 52, examining the beds, ploughed by academic staff and students wanting to unwind. “I don’t any more.”

Brady has spent more than 25 years researching the Chinese Communist party (CCP), using her base in New Zealand as a refuge to work on her books, cook elaborate meals for her family and tend her vegetable and flower gardens.

Anne-Marie Brady, a professor at the University of Canterbury. Photograph: Supplied
But since the publication of her 2017 paper Magic Weapons, which details the extent of Chinese influence in New Zealand, Brady’s life has been turned upside down, becoming the target of a campaign of intimidation and “psy-ops” she believes is directed by Beijing towards her and her family. The Chinese government has not responded to requests for comment.

Beginning in late 2017, Brady has had her home burgled and her office broken into twice. Her family car has been tampered with, she has received a threatening letter (“You are the next”) and answered numerous, anonymous phone calls in the middle of the night, despite having an unlisted number. The latest came at 3am on the day her family returned home after a Christmas break. “I’m being watched”, she says.

A self-described “stoic”, Brady has had to draw on her experience of PTSD after the 2010 Christchurch earthquakes to help her handle the harassment.

“I have already protected myself in terms of all my information, and the rest is a mind game. It is meant to scare me… to cause mental illness or inhibit the kinds of things I write on – to silence me,” says Brady, her voice quavering slightly. “So I win by not being afraid.”

Close associates of Brady’s have also been visited by the Ministry of State Security in China.

Brady’s employer, Canterbury University, recently hired a security consultant to protect her office. New locks were fitted, CCTV introduced, and encryption software installed.
[FULL  STORY]

December 28, 20183:51 PM ET
By: Greg Myre

A Justice Department poster shows two Chinese citizens suspected of carrying out an extensive hacking campaign directed at dozens of U.S. tech companies. U.S. law enforcement says such cases are on the rise as China seeks to become a world leader in advanced technologies by 2025.
Manuel Balce Ceneta/AP

To understand China’s espionage goals, U.S. officials say, just look at the ambitious aims the country set out in the plan “Made in China 2025.”

By that date, China wants to be a world leader in artificial intelligence, computing power, military technology, as well as energy and transportation systems. And that’s just a partial list.

“It’s guidance to the rest of government and the rest of their companies and to their people, that this is what we want to be the best in class at, and therefore you should organize your activities, whether they’re legal or illegal, to achieve that,” John Demers, assistant attorney general for the the National Security Division at the Justice Department, said in recent testimony before the Senate Judiciary Committee.

He said the recent legal cases against China show the country is aggressively trying to steal technology directly related to its stated goals.

NATIONAL SECURITY
Justice Department Charges Chinese Hackers In Bid To Curtail Cyber-Theft
“We don’t begrudge them their efforts to develop technologically, but you cannot use theft as a means to develop yourself technologically, and that’s what they’re doing in a number of areas,” said Demers.

This battle has been been going on for years and is heating up again, according to U.S. officials and analysts. It’s playing out across a broad landscape that involves most every tech industry.    [FULL  STORY]

Voice of America
Date: December 11, 2018
By: Reuters

NEW YORK — A senior U.S. intelligence official said on Tuesday that Chinese cyber activity in the United States had risen in recent months, targeting critical infrastructure in what may be attempts to lay the groundwork for future disruptive attacks.

“You worry they are prepositioning against critical infrastructure and trying to be able to do the types of disruptive operations that would be the most concern,” National Security Agency official Rob Joyce said at a Wall Street Journal cybersecurity conference.

Joyce, a former White House cyber adviser for President Donald Trump, did not elaborate. A spokeswoman for the NSA said Joyce was referring to digital attacks against the U.S. energy, financial, transportation and healthcare sectors.

The comments are notable because U.S. complaints about Chinese hacking have to date focused on espionage and intellectual property theft, not efforts to disrupt critical infrastructure.

China has repeatedly denied U.S. allegations it conducts cyber attacks.    [FULL  STORY]

Flashpoint linguists think the authors of WannaCry were native Chinese speakers

Taiwan News
Date: 2017/05/27
By: Keoni Everington, Taiwan News, Staff Writer

TAIPEI (Taiwan News) — Linguists at the dark web intelligence firm Flashpoint say the

Image of Chinese language ransom note sent by WannaCry malware. (Image from Kaspersky Lab)

Mandarin Chinese version of the ransom message sent by the WannaCry malware program was the only one composed by native speakers, indicating that it may have been made in China, not North Korea as previously suspected by antivirus company Symantec.

Flashpoint’s linguists analyzed ransom notes generated by WannaCry in 28 languages from Bulgarian to Vietnamese, and found that all had been generated by Google Translate, with the exception of English and Simplified and Traditional Chinese. However, the English message had grammatical errors indicating it was written by a non-native English speaker.

The Chinese messages, on the other hand, were composed at a native level and differed substantially from the other notes (including the English version) in content, format, tone, and length.

There are a number telltale traits in the ransom note that correspond to a native Chinese speaker. The typo “帮组” (bangzu) instead of “帮助” (bangzhu) meaning “help,” indicates that it was written with a Chinese-language input system that possibly involved keying in the mainland Chinese romanization system Pinyin, as the typo appears to result from failing to input the letter “h.”    [FULL  STORY]

A private industry IT security firm tells Fox News that personal data stolen over the span of several high-profile U.S. cyber breaches is being indexed by China’s intelligence service into a massive Facebook-like network.

According to CrowdStrike founder Dmitri Alperovitch, Chinese hackers are using information gained from the breaches of the U.S. Office of Personnel Management, as well as intrusions into the Anthem and CareFirst BlueCross BlueShield health insurance networks, to build a complete profile of federal employees in what the company calls a “Facebook of Everything.”

“That can now be used to embarrass you publicly and force you to work for the Chinese government,” Alperovitch told Fox News. “It’s, in effect, a private version of Facebook with much more detail about your life than even Facebook has that the Chinese now have access to.” Current and former intelligence officials echoed the assessment.     [FULL  STORY]

NBC News
Date: Sep 11 2015,
By: Reuters

China reacted angrily on Friday following a call by America’s top intelligence official for cyber security Clipboard01against China to be stepped up, and said the United States should stop “groundless accusations.”

Director of National Intelligence James Clapper said the United States must beef up cyber security against Chinese hackers targeting a range of U.S. interests to raise the cost to China of engaging in such activities. Clapper’s testimony adds pressure on Beijing over its conduct in cyberspace weeks before President Xi Jinping visits the United States.

China routinely denies any involvement in hacking and says it is also a victim.

“Maintaining cyber security should be a point of cooperation rather than a source of friction between both China and the United States,” Chinese Foreign Ministry spokesman Hong Lei told a daily news briefing.

“We hope that the U.S. stops its groundless attacks against China, start dialogue based on a foundation of mutual respect, and jointly build a cyberspace that is peaceful, secure, open and cooperative.”

The Obama administration is considering targeted sanctions against Chinese individuals and companies for cyber attacks against U.S. commercial targets, several U.S. officials have said.     [FULL  STORY]

Reuters
Date: Jun 21, 2015
By: Jeremy Wagstaff

Security researchers have many names for the hacking group that is one of the suspects for the cyberattack

A sign marks the entrance to RSA's facility in Bedford, Massachusetts, in this March 28, 2014 file photo. REUTERS/Brian Snyder/Files
A sign marks the entrance to RSA’s facility in Bedford, Massachusetts, in this March 28, 2014 file photo. REUTERS/Brian Snyder/Files

on the U.S. government’s Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep Panda. But to Jared Myers and colleagues at cybersecurity company RSA, it is called Shell Crew, and Myers’ team is one of the few who has watched it mid-assault — and eventually repulsed it.

Myers’ account of a months-long battle with the group illustrates the challenges governments and companies face in defending against hackers that researchers believe are linked to the Chinese government – a charge Beijing denies.

“The Shell Crew is an extremely efficient and talented group,” Myers said in an interview.Shell Crew, or Deep Panda, are one of several hacking groups that Western cybersecurity companies have accused of hacking into U.S. and other countries’ networks and stealing government, defense and industrial documents.The attack on the OPM computers, revealed this month, compromised the data of 4 million current and former federal employees, raising U.S. suspicions that Chinese hackers were building huge databases that could be used to recruit spies.     [FULL  STORY]