China Is 'biggest state sponsor of Cyber-Attacks on the West'

Security threats from Chinese companies building 5G networks could end up "putting all of us at risk" if they are not tackled quickly, according to a former security minister. 

Speaking to Sky News, Admiral Lord West, a former First Sea Lord who served under Gordon Brown as a security minister, urged the government to set up a unit reporting directly to the prime minister to monitor the risk posed by Chinese equipment in 5G.

5G has been hailed as the next great leap for mobile communications, enabling everything from smart cities to hologram calls.
However, the best 5G technology comes from Chinese companies, raising the fear that China's government could have ground-level access to, even control of, the UK's critical data infrastructure.

China has become the biggest state sponsor of cyber-attacks on the West, primarily in its bid to steal commercial secrets, according to a report by one of the world’s largest cybersecurity firms.

Crowdstrike, which revealed the Russian hack on the Democratic National Committee in 2016, said China was now ahead of Russia as the most prolific nation-state mounting attacks on firms, universities, government departments, think tanks and NGOs.

Its analysis of thousands of cyberattacks in the first six months of this year revealed more than a third (36pc) were targeted at technology firms, with a particular increase in attacks on biotechnology companies aimed at stealing their research secrets and intellectual property. Pharmaceutical, defence, mining and transport companies were also hit.

It said cyber-hackers were using increasingly sophisticated techniques to breach Western defences by replicating established software to hack firms, hijacking a firm’s clients’ computers as a potential ‘Trojan Horse’ route into their target and using personalised ‘phishing’ emails to senior executives.

China has become a bigger threat after a reorganisation of the People’s Liberation Army (PLA) put hacking in the hands of contract firms, effectively privatising operations.

Free of previous Chinese state bureaucracy, they are run by computer science experts with extensive links into hacking forums and groups, says Crowdstrike, which provides cybersecurity for half of the world’s biggest 20 multinationals.
IT giant Siemens was the biggest victim of one Chinese contractor in the US called Boyusec and which is linked to one of the more advanced and active Chinese government-sponsored espionage groups.

Three Chinese nationals at Boyusec have been charged with stealing 407 gigabytes of data from Siemens energy, technology and transport businesses, according to an unsealed justice department indictment. Two other firms, Moody’s Analytics and Trimble, were also targeted.

All three are residents of Guangzhou and have been accused of using spear phishing emails to get access to the firms’ computer networks. Boyusec has been linked to a hacker group known as Gothic Panda, which in turn has been connected to the Chinese Ministry of State Security (MSS).

Of 116 “adversary” groups identified by Crowdstrike, the bulk of nation-state cyber-attackers are Chinese followed by Russia with 10, Iran with eight, North Korea with five and a smattering of others including Pakistan, India, Vietnam, South Korea and some middle east governments.

According to Crowdstrike, it is not just firms that have been targeted. One attack began when an employee at a think tank received a message ostensibly from a university professor hosting a series of webinars for students.
The employee was invited to join one of the webinars as an expert speaker on global politics and economics. The video-conferencing application they downloaded was actually a ‘Trojan Horse’ version of a legitimate desktop programme which planted malicious software in the think tank.

In its report, Crowdstrike said it had uncovered highly-sophisticated techniques by hackers to hide their tracks in attacks on universities, a target because of their valuable research financial and personal data resources.

“Academic institutions also have reputations for somewhat relaxed IT security procedures, providing adversaries with potential opportunities to easily build malicious network infrastructures to facilitate additional attacks elsewhere,” it said.

Investigators uncovered growing evidence of cyberattacks on NGOs working overseas, in one case watching a hacker returning to an NGO’s systems to “perform access maintenance” to ‘sleeper’ files it had planted in the organisation. China, which has been extending its worldwide influence particularly in Africa, was suspected of the attack because of the technology used but Crowdstrike said it had not been able to confirm it.

Crowdstrike warned criminal gangs were getting more sophisticated, adopting the more advanced tactics and techniques of nation-state hackers to plant malicious software for fraud or identity theft. It has also seen a surge in criminal gangs hijacking companies’ computers to use them to generate crypto-currencies, a trend attributed to the rise in the value of such currencies in the winter of 2017.

Jennifer Ayers, Crowdstrike vice-president, said her biggest fear was a destructive global cyberattack using ransomware like that which crippled the NHS in May last year. An alleged North Korean spy has been charged in connection with the attack.

“We saw it with the NHS where people had to resort to using pen and paper. You could easily take that to the next level where smart technology, power plants and power grids are affected. That’s why a destructive global attack with ransomware scares me the most.

“The world wasn’t prepared for ransomware. It took some days to recover but it took others months.”

Telegraph:           Sky

You Might Also Read: 

Russia Stands Accused Of Global Hacking Campaign:

 

« British National Cyber-Centre Thwarts Hostile Hackers
How Cyber Criminals Are Using Social Media To Hack Bank Accounts »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Sophos

Sophos

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

Compumatica

Compumatica

Compumatica is a leading European ICT security manufacturer for cybersecurity and encryption products. Solutions include network security, SCADA/ICS security, Mobile/BYOD and email encryption.

ENVEIL

ENVEIL

ENVEIL’s technology is the first scalable commercial solution to cryptographically secure Data in Use.

Riskified

Riskified

Riskified is a leading eCommerce fraud-prevention company, trusted by hundreds of global brands – from luxury fashion houses and retail chains, to gift card and ticket marketplaces.

Vaulto Technologies

Vaulto Technologies

Vaulto protects critical business processes that are conducted via the cellular network.

HoxHunt

HoxHunt

HoxHunt is an automated cyber training program that transforms the way your employees react and respond to the growing amount of phishing emails.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

ThreadStone Cyber Security

ThreadStone Cyber Security

ThreadStone Cyber Security offer reliable, practical and affordable cyber security solutions for both large and smaller organizations that we develop and deliver ourselves from Europe.

Nova Leah

Nova Leah

Nova Leah helps connected medical device manufacturers meet cybersecurity compliance requirements throughout the entire product lifecycle.

VeriClouds

VeriClouds

VeriClouds is a password verification service that helps organizations detect compromised passwords and stop account takeover attacks.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

Saiflow

Saiflow

SaiFlow provides a tailor-made cybersecurity solution for Electric Vehicles Charging Infrastructure (EVCI), Distributed Energy Resources (DERs) and energy networks and assets.

The Purple Guys

The Purple Guys

The Purple Guys offer Trouble-Free IT Support to businesses across the Central and Southern US. Safe and Secure, Rapid Response, Friendly Support that’s our Purple Promise.

AKS iQ

AKS iQ

AKS iQ leads the RegTech sector with AI, automating regulatory compliance in the banking industry and ensuring paperless TBML and CFT adherence in finance.

CIP Cyber

CIP Cyber

CIP Cyber is an online learning community with a mission of connecting, training, and certifying cybersecurity professionals to protect critical infrastructure.