Tag Archive for: chinese

Cybersecurity agencies issue warning over Chinese hacking group

/in


Government cybersecurity authorities in the US and allied nations are sounding the alarm bell again over the Chinese hacking group known as Volt Typhoon.

In a joint advisory issued on Tuesday, the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), FBI, and eight international partners warned that the Beijing-backed Volt Typhoon gang may be gearing up for disruptive or destructive cyber strikes targeting critical infrastructure organisations.

“Volt Typhoon has been pre-positioning themselves on US critical infrastructure organisations’ networks to enable disruption or destruction of critical services in the event of increased geopolitical tensions and/or military conflict with the United States and its allies,” the advisory warns.

“This is a critical business risk for every organisation in the United States and allied countries.”

This latest alert comes just over a month after the same coalition of agencies revealed that Volt Typhoon had compromised the networks of multiple critical infrastructure victims in the US.

The alert recommends that organisations prioritise security efforts through tools like the Cybersecurity Performance Goals and engage with designated Sector Risk Management Agencies. It also urges implementing robust logging practices to detect stealthy “living off the land” techniques favoured by Volt Typhoon, which leverage legitimate software to blend into target environments.

Developing comprehensive incident response plans, conducting cybersecurity drills, and hardening supply chains are also highlighted as critical measures to thwart potential Volt Typhoon intrusions and attacks.

The repeated warnings underscore the grave concerns over Volt Typhoon’s capabilities and suspected destructive intentions against critical infrastructure providers in the US and allied nations amid heightened geopolitical tensions.

(Photo by Thomas Kelley)

See also: Nations demand tech firms tackle scammers

Unified Communications is a two-day event taking place in California, London, and Amsterdam that delves into the future of workplace collaboration in a digital world. The comprehensive event is co-located with Digital Transformation Week,…

Source…

Behind the doors of a Chinese hacking company, a sordid culture fueled by influence, alcohol and sex

/in


BEIJING — The hotel was spacious. It was upscale. It had a karaoke bar. The perfect venue, the CEO of the Chinese hacking company thought, to hold a Lunar New Year banquet currying favor with government officials. There was just one drawback, his top deputy said.

“Who goes there?” the deputy wrote. “The girls are so ugly.”

So goes the sordid wheeling and dealing that takes place behind the scenes in China‘s hacking industry, as revealed in a highly unusual leak last month of internal documents from a private contractor linked to China’s government and police. China’s hacking industry, the documents reveal, suffers from shady business practices, disgruntlement over pay and work quality, and poor security protocols.

Private hacking contractors are companies that steal data from other countries to sell to the Chinese authorities. Over the past two decades, Chinese state security’s demand for overseas intelligence has soared, giving rise to a vast network of these private hackers-for-hire companies that have infiltrated hundreds of systems outside China.

Though the existence of these hacking contractors is an open secret in China, little was known about how they operate. But the leaked documents from a firm called I-Soon have pulled back the curtain, revealing a seedy, sprawling industry where corners are cut and rules are murky and poorly enforced in the quest to make money.

Leaked chat records show I-Soon executives wooing officials over lavish dinners and late night binge drinking. They collude with competitors to rig bidding for government contracts. They pay thousands of dollars in “introduction fees” to contacts who bring them lucrative projects. I-Soon has not commented on the documents.

Mei Danowski, a cybersecurity analyst who wrote about I-Soon on her blog, Natto Thoughts, said the documents show that China’s hackers for hire work much like any other industry in China.

“It is profit-driven,” Danowski said. “It is subject to China’s business culture — who you know, who you dine and wine with, and who you are friends with.”

China’s hacking industry rose from the country’s early hacker culture, first appearing in the 1990s as citizens bought computers and went…

Source…

Chinese hacking firm buys officials’ favor with alcohol, women

/in


  • By Dake Kang and Zen Soo / AP, BEIJING

China’s hackers for hire take government officials out for lavish banquets, binge drinking and late-night karaoke with young women to win favor and business, as revealed last month in a highly unusual leak of internal documents from a private contractor linked to Chinese police.

China’s hacking industry is vast in size and scope, but also has shady business practices, disgruntlement over pay and work quality, and poor security protocols, the documents showed.

Private hacking contractors are companies that steal data from other countries to sell to Chinese authorities. Over the past two decades, Chinese state security’s demand for overseas intelligence has soared, giving rise to a vast network of private hackers for hire companies that have infiltrated hundreds of systems outside China.

Photo: AP

Although the existence of these hacking contractors is an open secret in China, little was known about how they operate.

However, the leaked documents from a firm called I-Soon (安洵信息) have pulled back the curtain, revealing a seedy, sprawling industry where corners are cut, and rules are murky and poorly enforced in the quest to make money.

Leaked chat records showed that I-Soon executives are colluding with competitors to rig bidding for government contracts. They pay thousands of dollars in “introduction fees” to contacts who bring them lucrative projects.

I-Soon has not commented on the documents.

Mei Danowski, a cybersecurity analyst who wrote about I-Soon on her blog, Natto Thoughts, said the documents showed that China’s hackers for hire work much like any other industry in China.

“It is profit driven,” Danowski said. “It is subject to China’s business culture — who you know, who you dine and wine with, and who you are friends with.”

Although I-Soon boasted about its hacking prowess in…

Source…

Leaked documents expose Chinese hacking company for shady business practices

/in


The hotel was spacious. It was upscale. It had a karaoke bar. The perfect venue, the CEO of the Chinese hacking company thought, to hold a Lunar New Year banquet currying favor with government officials. There was just one drawback, his top deputy said.

“Who goes there?” the deputy wrote. “The girls are so ugly.”

So goes the sordid wheeling and dealing that takes place behind the scenes in China’s hacking industry, as revealed in a highly unusual leak last month of internal documents from a private contractor linked to China’s government and police. China’s hacking industry, the documents reveal, suffers from shady business practices, disgruntlement over pay and work quality, and poor security protocols.

GOP REP SOUNDS ALARM ON GROWING CHINESE INFLUENCE IN CENTRAL AND SOUTH AMERICA

Private hacking contractors are companies that steal data from other countries to sell to the Chinese authorities. Over the past two decades, Chinese state security’s demand for overseas intelligence has soared, giving rise to a vast network of these private hackers-for-hire companies that have infiltrated hundreds of systems outside China.

chinese hacking company

The interior of the I-Soon office is shown as the company faces allegations over shady business practices, disgruntled employees, and poor security protocols.  (AP Photo/Dake Kang)

Though the existence of these hacking contractors is an open secret in China, little was known about how they operate. But the leaked documents from a firm called I-Soon have pulled back the curtain, revealing a seedy, sprawling industry where corners are cut and rules are murky and poorly enforced in the quest to make money.

Leaked chat records show I-Soon executives wooing officials over lavish dinners and late night binge drinking. They collude with competitors to rig bidding for government contracts. They pay thousands of dollars in “introduction fees” to contacts who bring them lucrative projects. I-Soon has not commented on the documents.

CHINA’S BELT AND ROAD INITIATIVE PLAGUED BY CORRUPTION AND POLITICAL BACKLASH: REPORT

Mei Danowski, a cybersecurity analyst who wrote about I-Soon on her blog, Natto Thoughts, said the documents show that China’s hackers for hire work much like any…

Source…