Tag Archive for: chinese

Hstoday Chinese Hackers Spent Up to 5 Years in US Networks

/in


Hackers from the People’s Republic of China spent up to five years in U.S. networks as part of a cyber operation that targeted U.S. critical infrastructure, law enforcement and international agencies said earlier this week.

“The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States,” an alert released by the agencies earlier this week said.

The yearslong operation by the state-sponsored cyber actor — called Volt Typhoon by U.S. authorities — was a way for China to position themselves for an attack on U.S. critical infrastructure using malware, officials said on a call with reporters.

Read the rest of the story at abc News, here.

Source…

Biden probes security risks of Chinese smart cars

/in


The News

The Biden administration is launching an investigation into national security risks posed by “connected” vehicles — cars linked to the internet — that use Chinese technology. Officials will weigh potential restrictions on the products to head off spying, hacking, or data collection.

Led by the Commerce Department, the investigation will solicit public comments over the next 60 days about risks posed by connected vehicles, which include electric vehicles, that use technology from China or other “countries of concern.” Ultimately, the administration could enact bans or “mitigating measures” to address any risks, a senior Biden administration official said, though officials are not currently promising to take any actions.

“Connected vehicles that have technologies sourced from China could be exploited in ways that threaten U.S. national security,” White House National Economic Council Director Lael Brainard told reporters. “The president believes it’s important for the United States to consider imposing safeguards to guard against connected vehicles operating on U.S. roads from relying on information and communication technology from China and other countries of concern.”

Commerce Secretary Gina Raimondo said the administration has a “high level of concern” about risks of Chinese-made connected vehicles and wants to act “before Chinese-manufactured vehicles become widespread in the United States and potentially threaten our privacy and our national security.”

The announcement is likely to inflame tensions with China, which has criticized U.S. curbs on semiconductors and other advanced technology the Biden administration says are motivated by national security considerations.

Know More

The investigation will be run by Commerce’s Bureau of Industry and Security, which is putting out an “advanced notice of proposed rulemaking” to solicit public input about potential risks from foreign-made technology in connected vehicles. The administration is taking the action under authorities provided by a Trump-era executive order.

The Biden administration is specifically looking at connected vehicles made with technology from China, even if those vehicles…

Source…

To combat Chinese cyber threats, the US must spearhead a new Indo-Pacific intelligence coalition

/in


To combat Chinese cyber threats, the US must spearhead a new Indo-Pacific intelligence coalition

When the highest-ranking US law enforcement official describes a concern as “the defining threat of our generation,” it should be taken seriously. On January 31, FBI Director Christopher Wray testified before Congress about China’s capability to threaten US national and economic security. In particular, he identified the imminent cyber threat that Chinese hackers pose to critical infrastructure. A China-sponsored cyber group called “Volt Typhoon,” Wray explained, has prepositioned cyberattack capabilities in the US communications, energy, transportation, and water sectors intended to “destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous.” Alarming in its own right, Volt Typhoon is just the latest example of Beijing’s ongoing “cyber onslaught,” Wray added.

This story is not new. Since at least 2019, the US government has publicly sounded the alarm about the threat that China’s cyberattack and espionage enterprise poses to US national security and to regional stability in East Asia. The 2023 annual threat assessment by the US Office of the Director of National Intelligence (ODNI) states that China “uses coordinated, whole-of-government tools to demonstrate strength and compel neighbors to acquiesce to its preferences.” The assessment adds that China’s cyber capabilities are essential for orchestrating espionage, malign influence, and attack operations in support of Chinese interests.

To confront the threat to critical infrastructure posed by Volt Typhoon and other state-sponsored Chinese cyber actors, the United States should launch an expansive new multilateral cyber threat intelligence sharing coalition in the Indo-Pacific. This coalition should utilize some of the lessons learned from the Five Eyes intelligence alliance, and it would incorporate members of the Five Eyes alliance, US Indo-Pacific partners, and even some European states. The expanded reach and resources of such a coalition would help disrupt cyber threats, signal to the world that the United States and its partners are committed to protecting both cyber and physical…

Source…

A Mysterious Leak Exposed Chinese Hacking Secrets

/in


While the documents have now been removed from GitHub, where they were first posted, the identity and motivations of the person, or people, who leaked them remains a mystery. However, Chang says the documents appear to be real, a fact confirmed by two employees working for i-Soon, according to the Associated Press, which reported that the company and police in China are investigating the leak.

“There are around eight categories of the leaked files. We can see how i-Soon engaged with China’s national security authorities, the details of i-Soon’s products and financial problems,” Chang says. “More importantly, we spotted documents detailing how i-Soon supported the development of the notorious remote access Trojan (RAT), ShadowPad,” Chang adds. The ShadowPad malware has been used by Chinese hacking groups since at least 2017.

Since the files were first published, security researchers have been poring over their contents and analyzing the documentation. Included were references to software to run disinformation campaigns on X, details of efforts to access communications data across Asia, and targets within governments in the United Kingdom, India, and elsewhere, according to reports by the New York Times and the The Washington Post. The documents also reveal how i-Soon worked for China’s Ministry of State Security and the People’s Liberation Army.

According to researchers at SentinelOne, the files also include pictures of “custom hardware snooping devices,” such as a power bank that could help steal data and the company’s marketing materials. “In a bid to get work in Xinjiang–where China subjects millions of Ugyhurs to what the UN Human Rights Council has called genocide–the company bragged about past counterterrorism work,” the researchers write. “The company listed other terrorism-related targets the company had hacked previously as evidence of their ability to perform these tasks, including targeting counterterrorism centers in Pakistan and Afghanistan.”

The Federal Trade Commission has fined antivirus firm Avast $16.5 for collecting and selling people’s web browsing data through its browser extensions and security software. This included the details…

Source…