Tag Archive for: China’s

Leaked documents expose shady practices and corruption in China’s hacking industry | Dake Kang & Zen Soo















Source…



We’re Slowly Learning About China’s Extensive Hacking Network


The first two months of 2024 brought several revelations about the extent of China’s hacking network. CISA (the Cybersecurity and Infrastructure Security Agency), the NSA, and the FBI recently posted a joint cybersecurity advisory on the extent to which Chinese state-backed hackers have had access to key U.S. infrastructure over the past five years and planted malware that could trigger widespread disruptions to society. It was co-authored by the U.S. Department of Energy, the EPA, and the Transportation Security Administration, as well as by Canada’s, Australia’s, New Zealand’s and the United Kingdom’s cybersecurity centers.


I’ve reported in the past on China’s massive intellectual property theft and cyberespionage here and here. These activities included obtaining emails and communications from government officials.

The recent high-level alert escalates tensions

China’s state-backed hackers have embedded malware within critical U.S. infrastructure, such as programs used to manage clean drinking water, the power grid, and air traffic, among others. According to CISA director Jen Easterly at a hearing of the House Select Committee on the Chinese Communist Party,

This is truly an Everything Everywhere, All at Once scenario. And it’s one where the Chinese government believes that it will likely crush American will for the U.S. to defend Taiwan in the event of a major conflict there.

FBI Director Christopher Wray said that Chinese state-backed hackers have been lying dormant in critical U.S. infrastructure for five years, pre-positioning malware. In the event that there is a U.S.–China conflict, China can enact a cyberattack that will weaken U.S. operations. Intelligence analysts link this threat to a potential conflict over Taiwan, which the U.S. has promised to defend in the event China attacks the island. Taiwan operates as a de facto nation but is claimed by Beijing as part of the People’s Republic of China.

Wray has described China’s hacking program as larger than that of every nation combined:

In fact, if you took every single one of the F.B.I.’s cyberagents and intelligence analysts and focused…

Source…

Hackers for sale: what we’ve learned from China’s enormous cyber leak | Technology


An enormous data leak from a Chinese cybersecurity firm has offered a rare glimpse into the inner workings of Beijing-linked hackers.

Analysts say the leak is a treasure trove of intel into the day-to-day operations of China’s hacking programme, which the FBI says is the biggest of any country. The company, I-Soon, has yet to confirm the leak is genuine and has not responded to a request for comment. As of Friday, the leaked data was removed from the online software repository GitHub, where it had been posted.

From staff complaints about pay and office gossip to claims of hacking foreign governments, here are some of the key insights from the leaks:

Who got hacked?

Every day, workers at I-Soon were targeting big fish.

Government agencies of China’s neighbours, including Kyrgyzstan, Thailand, Cambodia, Mongolia and Vietnam, had websites or email servers compromised, the leak revealed. There are long lists of targets, from British government departments to Thai ministries. I-Soon staff also boasted in leaked chats that they secured access to telecom service providers in Pakistan, Kazakhstan, Mongolia, Thailand and Malaysia, among others. They named the government of India – a geopolitical rival of Beijing’s – as a key target for “infiltration”. And they claimed to have secured back-end access to higher education institutions in Hong Kong and self-ruled Taiwan, which China claims as part of its territory. But they also admitted to having lost access to some of their data seized from government agencies in Myanmar and South Korea.

Other targets are domestic, from China’s north-western region of Xinjiang to Tibet and from illegal pornography to gambling rings.

Who was paying I-Soon?

Judging from the leaks, most of I-Soon’s customers were provincial or local police departments – as well as province-level state security agencies responsible for protecting the Communist party from perceived threats to its rule. The firm also offered clients help protecting their devices from hacking and securing their communications – with many of their contracts listed as “non-secret”.

There were references to official corruption: in one chat, salesmen discussed selling the company’s…

Source…

Hackers for sale: What we’ve learnt from China’s massive cyber leak


BEIJING – A massive data leak from Chinese cyber-security firm I-Soon has offered a rare glimpse into the inner workings of Beijing-linked hackers.

I-Soon has yet to confirm the leak is genuine and has not responded to a request for comment from AFP.

As at Feb 23, the leaked data was removed from the online software repository GitHub, where it had been posted.

Analysts say the leak is a treasure trove of intelligence into the day-to-day operations of China’s hacking programme, which the United States’ Federal Bureau of Investigation says is the biggest of any country.

From staff complaints about pay and office gossip to claims of hacking foreign governments, here are some of the key insights from the leaks:

Who got hacked?

Every day, workers at I-Soon were targeting big fish.

Government agencies from China’s neighbours, including Kyrgyzstan, Thailand, Cambodia, Mongolia and Vietnam, had websites or e-mail servers compromised, the leak revealed.

There are long lists of targets, from British government departments to Thai ministries.

I-Soon staff also boasted in leaked chats that they secured access to telecom service providers in Pakistan, Kazakhstan, Mongolia, Thailand and Malaysia, among others.

They named the government of India – a geopolitical rival of Beijing’s – as a key target for “infiltration”.

And they claimed to have secured back-end access to higher education institutions in Hong Kong and self-ruled Taiwan, which China claims as part of its territory.

But they also admitted to having lost access to some of their data seized from government agencies in Myanmar and South Korea.

Other targets are domestic, from China’s north-western region of Xinjiang to Tibet and from illegal pornography to gambling rings.

Who was paying them?

Judging from the leaks, most of I-Soon’s customers were provincial or local police departments – as well as province-level state security agencies responsible for protecting the Communist Party from perceived threats to its rule.

The firm also offered clients help protecting their devices from hacking and securing their communications – with many of their contracts listed as…

Source…