China Is 'biggest state sponsor of Cyber-Attacks on the West'

Security threats from Chinese companies building 5G networks could end up "putting all of us at risk" if they are not tackled quickly, according to a former security minister. 

Speaking to Sky News, Admiral Lord West, a former First Sea Lord who served under Gordon Brown as a security minister, urged the government to set up a unit reporting directly to the prime minister to monitor the risk posed by Chinese equipment in 5G.

5G has been hailed as the next great leap for mobile communications, enabling everything from smart cities to hologram calls.
However, the best 5G technology comes from Chinese companies, raising the fear that China's government could have ground-level access to, even control of, the UK's critical data infrastructure.

China has become the biggest state sponsor of cyber-attacks on the West, primarily in its bid to steal commercial secrets, according to a report by one of the world’s largest cybersecurity firms.

Crowdstrike, which revealed the Russian hack on the Democratic National Committee in 2016, said China was now ahead of Russia as the most prolific nation-state mounting attacks on firms, universities, government departments, think tanks and NGOs.

Its analysis of thousands of cyberattacks in the first six months of this year revealed more than a third (36pc) were targeted at technology firms, with a particular increase in attacks on biotechnology companies aimed at stealing their research secrets and intellectual property. Pharmaceutical, defence, mining and transport companies were also hit.

It said cyber-hackers were using increasingly sophisticated techniques to breach Western defences by replicating established software to hack firms, hijacking a firm’s clients’ computers as a potential ‘Trojan Horse’ route into their target and using personalised ‘phishing’ emails to senior executives.

China has become a bigger threat after a reorganisation of the People’s Liberation Army (PLA) put hacking in the hands of contract firms, effectively privatising operations.

Free of previous Chinese state bureaucracy, they are run by computer science experts with extensive links into hacking forums and groups, says Crowdstrike, which provides cybersecurity for half of the world’s biggest 20 multinationals.
IT giant Siemens was the biggest victim of one Chinese contractor in the US called Boyusec and which is linked to one of the more advanced and active Chinese government-sponsored espionage groups.

Three Chinese nationals at Boyusec have been charged with stealing 407 gigabytes of data from Siemens energy, technology and transport businesses, according to an unsealed justice department indictment. Two other firms, Moody’s Analytics and Trimble, were also targeted.

All three are residents of Guangzhou and have been accused of using spear phishing emails to get access to the firms’ computer networks. Boyusec has been linked to a hacker group known as Gothic Panda, which in turn has been connected to the Chinese Ministry of State Security (MSS).

Of 116 “adversary” groups identified by Crowdstrike, the bulk of nation-state cyber-attackers are Chinese followed by Russia with 10, Iran with eight, North Korea with five and a smattering of others including Pakistan, India, Vietnam, South Korea and some middle east governments.

According to Crowdstrike, it is not just firms that have been targeted. One attack began when an employee at a think tank received a message ostensibly from a university professor hosting a series of webinars for students.
The employee was invited to join one of the webinars as an expert speaker on global politics and economics. The video-conferencing application they downloaded was actually a ‘Trojan Horse’ version of a legitimate desktop programme which planted malicious software in the think tank.

In its report, Crowdstrike said it had uncovered highly-sophisticated techniques by hackers to hide their tracks in attacks on universities, a target because of their valuable research financial and personal data resources.

“Academic institutions also have reputations for somewhat relaxed IT security procedures, providing adversaries with potential opportunities to easily build malicious network infrastructures to facilitate additional attacks elsewhere,” it said.

Investigators uncovered growing evidence of cyberattacks on NGOs working overseas, in one case watching a hacker returning to an NGO’s systems to “perform access maintenance” to ‘sleeper’ files it had planted in the organisation. China, which has been extending its worldwide influence particularly in Africa, was suspected of the attack because of the technology used but Crowdstrike said it had not been able to confirm it.

Crowdstrike warned criminal gangs were getting more sophisticated, adopting the more advanced tactics and techniques of nation-state hackers to plant malicious software for fraud or identity theft. It has also seen a surge in criminal gangs hijacking companies’ computers to use them to generate crypto-currencies, a trend attributed to the rise in the value of such currencies in the winter of 2017.

Jennifer Ayers, Crowdstrike vice-president, said her biggest fear was a destructive global cyberattack using ransomware like that which crippled the NHS in May last year. An alleged North Korean spy has been charged in connection with the attack.

“We saw it with the NHS where people had to resort to using pen and paper. You could easily take that to the next level where smart technology, power plants and power grids are affected. That’s why a destructive global attack with ransomware scares me the most.

“The world wasn’t prepared for ransomware. It took some days to recover but it took others months.”

Telegraph:           Sky

You Might Also Read: 

Russia Stands Accused Of Global Hacking Campaign:

 

« British National Cyber-Centre Thwarts Hostile Hackers
How Cyber Criminals Are Using Social Media To Hack Bank Accounts »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab conducts research into predictive security analytics.

Intland Software

Intland Software

Intland offer an integrated Application Lifecycle Management platform that offers all-round Requirements, Development, and Testing & Quality Assurance functionality.

National Cybersecurity and Communications Integration Center (NCCIC)

National Cybersecurity and Communications Integration Center (NCCIC)

NCCIC is a cyber situational awareness, incident response, and management center for the US Government, intelligence community, and law enforcement.

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

CalCom

CalCom

CalCom Hardening Solution (CHS) for Microsoft OMS is a security baseline-hardening solution designed to address the needs of IT operations and security teams.

Cytelligence

Cytelligence

Cytelligence is a cyber security consulting company with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics.

ARIA Cybersecurity Solutions

ARIA Cybersecurity Solutions

The ARIA ADR Automatic Detection & Response solution was designed to find, verify, and stop all types of attacks - automatically and in real time.

DEFENTEK - National Security Informatics

DEFENTEK - National Security Informatics

Defentek (aka National Security Informatics) is a technology consortium covering a broad spectrum of intelligence computing solutions and interception technologies.

OpenAVN (DefenseArk)

OpenAVN (DefenseArk)

Defending your life online, keeping your data safe and private. We detect digital threats magnitudes faster than the leading antivirus software.

Fusion Cyber

Fusion Cyber

Fusion Cyber educates students in Zero Trust Risk Management, Defense, and Cyber Offense that lead to taking industry-accepted cybersecurity certifications.

Rampart AI

Rampart AI

Tackling DevSecOps Issues In Application Security. Rampart has revolutionized the shift left security approach, applying zero-trust to application development.

Ingenics Digital

Ingenics Digital

Ingenics Digital is a recognized initiator and leading service provider in the areas of software development and embedded systems.

Deepware

Deepware

Deepware is an emerging AI research company dedicated to exploring the potential of GenAI in both generation and detection.

Acumen

Acumen

Acumen's cyber security engineers protect your critical systems, in critical moments. We are here when you need us most.

Blue Cloud Softech Solutions

Blue Cloud Softech Solutions

Blue Cloud Softech propels inspiring digital transformations. We provide AI products, cybersecurity, healthcare technology, and cloud solutions.