China’s Hackers Have Stolen EU, US & Global Secrets

A US Justice Department indictment, issued on 20th December, charged two individuals, Zhu Hua and Zhang Shilong, who were alleged to be part of A

The Five Eyes intelligence group (US, UK, Australia, Canada and New Zealand) believes that China has been using hackers, and sometimes students as short-term hackers before they go into academic study, often overseas.

These hackers have been used to gather military, technology and commercial information and secrets from other countries in order to support and improve China’s intelligence and commercial position in the world. China’s group of best hackers, known as APT10 (APT is short for “Advanced Persistent Threat”), decided to target not just individual companies in its long-standing efforts to steal intellectual property, but instead to focus on so-called Managed Service Providers (MSPs).
These are the companies that offer electronic systems like data backup and password management under a subscription model. If hackers can get into an MSP’s data system, then they can download information from the commercial and/or government data and secrets collections held there.

The indictment suggests that China, by hacking into a particular New York MSP, was able to steal data from companies in lots of countries, from Chile to Australia.

This secret intrusion process allowed China to gather information from a wide variety of businesses, parts of government and industries, from telecoms and IT to banking and manufacturing. UK Foreign Secretary Jeremy Hunt said:

“This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world.

“These activities must stop. They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.

“Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld.”

MSP Attack
These hacks often begin with an email saying that a particular issue is important and needs attention. The message appears to be legitimate and seems to come from a supply partner company and asks the receiver to open an attached file. 
However, this is a phishing email that, once opened, lets the hacker have access to passwords and the like. Even if some of the security systems tried to block access, the hackers would change the IP address and continue the hacking process.
Once these Chinese hackers had established themselves on a computer, they would download more malware until they got what they were after.

Using these systems and collection processes, the hackers have obtained massive amounts of valuable information and data since at least 2014.

These Chinese hackers stole hundreds of gigabytes of data from dozens of companies, the indictment suggests. While the Justice Department didn’t name any specific victims, the Department of Homeland Security has set up a page providing guidance for any company that thinks it might have been attacked. 

No Armistice
This whole process is now set against the China/American agreement from three years ago that they would not hack each other’s commercial businesses. China, like other major countries, has used these hacking attacks and intrusions in ways similar to the methods that nations have used over the centuries to gather secrets from another country and use them, governmentally and commercially, for their own benefit.

News by CSI:
