China’s Hackers Have Stolen EU, US & Global Secrets

Uploaded on 2019-01-04 in INTELLIGENCE--International, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

A US Justice Department indictment  issued on 20th December, announced the criminal indictment of two individuals, Zhu Hua and Zhang Shilong, who were alleged to be part of A 

The Five Eyes intelligence group (US, UK, Australia, Canada and New Zealand) believe that China has been using hackers and sometimes students as short term hackers before they go into often overseas academic study. 

These hackers have been used to gather military, technology and commercial information and secrets from other countries in-order to support and improve China’s intelligence and commercial positon in the World. China’s group of best hackers known as APT10, which is short for “Advanced Persistent Threat”, hacking group decided to target not just individual companies in its long-standing efforts to steal intellectual property, but instead focus on so-called Managed Service Providers (MSPs). 
They are the companies that offer electronic systems like data backup and password management under a subscription model. If hackers can get into a MSP’s data system, then they can down-load information from the commercial, and or government, data/secrets collections. 

The indictment suggests that China by hacking into a particular New York MSP, was able to steal data from companies in lots of countries, from Chile to the Australia. 

This secret intrusion process allowed China to gather information from a wide variety of businesses, parts of government and industries from telecoms, IT to banking and manufacturing. Foreign Secretary UK, Jeremy Hunt said:

“This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world.

"These activities must stop. They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.

"Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld”.

MSP Attack
These hacks often begin with an email saying that a particular issue is important and needs attention. The message appears to be legitimate and seems to come from a supply partner company and asks the receiver to open an attached file. 
However, this is a phishing email that, once opened lets the hacker have access to passwords et al. Even if some of the security systems tried to block access the hackers would change the IP address and continue the hacking process. 
Once these Chinese hackers had established themselves on a computer, they would download more malware until they get what they are after.

Using these systems and collection processes the hackers have got massive amounts of valuable information and data since at least 2014.

These Chinese hackers stole hundreds of gigabytes of data from dozens of companies, the indictment suggests. While the Justice Department didn’t name any specific victims, the Department of Homeland Security has set up a page providing guidance for any company that thinks it might have been attacked. 

No Armistice
This whole process is now set against the China/American agreement from three years ago that they would not hack each other’s commercial businesses.  China like other major countries has used these hacking system attacks and intrusions in ways that are similar to different methods that have been used over the centuries for one nation to gather and governmentally and commercial use secrets from another country for their own benefit.

News  by CSI:

You Migt Also Read 

China Has “taken the gloves off” In Hacking Attacks:

 

« Publishers Need Micro-Payments Now
Prosecutors Sue Facebook Over Cambridge Analytica »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Zybert Computing

Zybert Computing

Zybert Computing provide server solutions with built-in security and information protection features for the SME market.

EclecticIQ

EclecticIQ

EclecticIQ is a global provider of threat intelligence, hunting and response technology and services.

Vesta

Vesta

Vesta Corporation is a global provider of a scalable suite of fraud and payment solutions for online commerce.

Verodin

Verodin

Verodin is a business platform that provides organizations with the evidence needed to measure, manage and improve their cybersecurity effectiveness.

Privakey

Privakey

Transaction Intent Verification. Privakey delivers a secure channel to streamline high risk transactions, enabling digital trust between services and their users.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

Unit21

Unit21

Unit21 helps protect businesses against adversaries through a simple API and dashboard for detecting and managing money laundering, fraud, and other sophisticated risks across multiple industries.

Netizen

Netizen

Netizen is an award-winning company that develops and leverages innovative solutions to enable a more secure cyberspace for clients in government and commercial markets.

TXOne Networks

TXOne Networks

TXOne Networks offer cybersecurity solutions to protect your industrial control systems to ensure their reliability and safety from cyberattacks.

Node4

Node4

Node4 provide advanced, cloud-led digital transformation solutions, delivered with technical expertise, innovation and exceptional service to drive your business forwards.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Altospam

Altospam

Altospam is a full service corporate email protection, integrating multiple security levels for your emails.

QA Consultants

QA Consultants

QA Consultants is North America’s largest software quality engineering services firm, an award-winning onshore provider of software testing and quality assurance solutions.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

Orchestrate Technologies

Orchestrate Technologies

Orchestrate Technologies provides computer network and IT managed services for small and mid-market clients as well as small enterprise businesses.

Glasstrail

Glasstrail

Glasstrail are single-minded about helping organisations gather intelligence and manage vulnerabilities in their attack surface before adversaries exploit them.