China Is 'biggest state sponsor of Cyber-Attacks on the West'

Security threats from Chinese companies building 5G networks could end up "putting all of us at risk" if they are not tackled quickly, according to a former security minister. 

Speaking to Sky News, Admiral Lord West, a former First Sea Lord who served under Gordon Brown as a security minister, urged the government to set up a unit reporting directly to the prime minister to monitor the risk posed by Chinese equipment in 5G.

5G has been hailed as the next great leap for mobile communications, enabling everything from smart cities to hologram calls.
However, the best 5G technology comes from Chinese companies, raising the fear that China's government could have ground-level access to, even control of, the UK's critical data infrastructure.

China has become the biggest state sponsor of cyber-attacks on the West, primarily in its bid to steal commercial secrets, according to a report by one of the world’s largest cybersecurity firms.

Crowdstrike, which revealed the Russian hack on the Democratic National Committee in 2016, said China was now ahead of Russia as the most prolific nation-state mounting attacks on firms, universities, government departments, think tanks and NGOs.

Its analysis of thousands of cyberattacks in the first six months of this year revealed more than a third (36pc) were targeted at technology firms, with a particular increase in attacks on biotechnology companies aimed at stealing their research secrets and intellectual property. Pharmaceutical, defence, mining and transport companies were also hit.

It said cyber-hackers were using increasingly sophisticated techniques to breach Western defences by replicating established software to hack firms, hijacking a firm’s clients’ computers as a potential ‘Trojan Horse’ route into their target and using personalised ‘phishing’ emails to senior executives.

China has become a bigger threat after a reorganisation of the People’s Liberation Army (PLA) put hacking in the hands of contract firms, effectively privatising operations.

Free of previous Chinese state bureaucracy, they are run by computer science experts with extensive links into hacking forums and groups, says Crowdstrike, which provides cybersecurity for half of the world’s biggest 20 multinationals.
IT giant Siemens was the biggest victim of one Chinese contractor in the US called Boyusec and which is linked to one of the more advanced and active Chinese government-sponsored espionage groups.

Three Chinese nationals at Boyusec have been charged with stealing 407 gigabytes of data from Siemens energy, technology and transport businesses, according to an unsealed justice department indictment. Two other firms, Moody’s Analytics and Trimble, were also targeted.

All three are residents of Guangzhou and have been accused of using spear phishing emails to get access to the firms’ computer networks. Boyusec has been linked to a hacker group known as Gothic Panda, which in turn has been connected to the Chinese Ministry of State Security (MSS).

Of 116 “adversary” groups identified by Crowdstrike, the bulk of nation-state cyber-attackers are Chinese followed by Russia with 10, Iran with eight, North Korea with five and a smattering of others including Pakistan, India, Vietnam, South Korea and some middle east governments.

According to Crowdstrike, it is not just firms that have been targeted. One attack began when an employee at a think tank received a message ostensibly from a university professor hosting a series of webinars for students.
The employee was invited to join one of the webinars as an expert speaker on global politics and economics. The video-conferencing application they downloaded was actually a ‘Trojan Horse’ version of a legitimate desktop programme which planted malicious software in the think tank.

In its report, Crowdstrike said it had uncovered highly-sophisticated techniques by hackers to hide their tracks in attacks on universities, a target because of their valuable research financial and personal data resources.

“Academic institutions also have reputations for somewhat relaxed IT security procedures, providing adversaries with potential opportunities to easily build malicious network infrastructures to facilitate additional attacks elsewhere,” it said.

Investigators uncovered growing evidence of cyberattacks on NGOs working overseas, in one case watching a hacker returning to an NGO’s systems to “perform access maintenance” to ‘sleeper’ files it had planted in the organisation. China, which has been extending its worldwide influence particularly in Africa, was suspected of the attack because of the technology used but Crowdstrike said it had not been able to confirm it.

Crowdstrike warned criminal gangs were getting more sophisticated, adopting the more advanced tactics and techniques of nation-state hackers to plant malicious software for fraud or identity theft. It has also seen a surge in criminal gangs hijacking companies’ computers to use them to generate crypto-currencies, a trend attributed to the rise in the value of such currencies in the winter of 2017.

Jennifer Ayers, Crowdstrike vice-president, said her biggest fear was a destructive global cyberattack using ransomware like that which crippled the NHS in May last year. An alleged North Korean spy has been charged in connection with the attack.

“We saw it with the NHS where people had to resort to using pen and paper. You could easily take that to the next level where smart technology, power plants and power grids are affected. That’s why a destructive global attack with ransomware scares me the most.

“The world wasn’t prepared for ransomware. It took some days to recover but it took others months.”

Telegraph:           Sky

You Might Also Read: 

Russia Stands Accused Of Global Hacking Campaign:

 

« British National Cyber-Centre Thwarts Hostile Hackers
How Cyber Criminals Are Using Social Media To Hack Bank Accounts »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IASME Consortium

IASME Consortium

IASME is one of five companies appointed as Accreditation Bodies for assessing and certifying against the UK Government's Cyber Essentials Scheme.

RISA

RISA

RISA solutions help to secure networks, improve overall network security, and achieve government regulatory compliance.

Solarflare

Solarflare

Solarflare is a leading provider of intelligent networking I/O software and hardware platforms that accelerate, monitor and secure network data.

QMS International

QMS International

QMS is one of the leading ISO certification bodies in the UK and serves clients worldwide.

Global Forum on Cyber Expertise (GFCE)

Global Forum on Cyber Expertise (GFCE)

GFCE is a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.

NuData Security

NuData Security

NuData Security, A Mastercard Company, is an award winning behavioral biometrics company.

NetDiligence

NetDiligence

NetDiligence is a privately-held cyber risk assessment and data breach services company.

Secarma

Secarma

Secarma provides penetration testing, security assessments, consultancy, and training services to ensure your digital infrastructure is secure from cybersecurity threats.

Forensic Pathways

Forensic Pathways

Forensic Pathways focus on the provision of digital forensic technologies, offering clients unique technologies in the management of mobile phone data, image analysis and ballistics analysis.

Loki Labs

Loki Labs

Loki Labs provides expert cyber security solutions and services, including vulnerability assessments & penetration testing, emergency incident response, and managed security.

GateKeeper Enterprise

GateKeeper Enterprise

The GateKeeper Enterprise software is an identity access management solution. Automated proximity-based authentication into computers and websites. Passwordless login and auto-lock PCs.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

Qeros

Qeros

Qeros is a next-generation distributed system enables secure data and transaction processing at the velocity of thought.

Schellman

Schellman

Schellman is a leading provider of attestation and compliance services.

Prescott

Prescott

Prescott acts as your guiding light in the preparation for your CMMC assessment and long after by governing your cybersecurity practice.

RightSec

RightSec

RightSec is an emerging market leader and solution provider for cybersecurity and digital resiliency. We provide end to end solutions to suit your specific business lifecycle.