China is one of the biggest threats to other countries when it comes to cyber hacking. China is both the world`s second-largest economy and a nuclear weapon powerhouse with the world`s second-largest defense budget, there’s no question that China cyber warfare is the most aggressive worldwide. Western countries have long accused China of aggressive underground activities, and while investigations have traced various attacks on corporate and infrastructure computer systems to have originated from China.
It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace.
Why Is China Always Connected To Cyber Hacking?
Hackers from China, often with ties to the government, and have been accused of breaking into gas companies, steel companies, and chemical companies. Not long ago, Chinese Government Companies were charged for stealing the secret chemical make-up of the color white from DuPont. China developed its J-20 fighter planes, a plane similar to Lockheed Martin`s F-22 Raptor, shortly after a Chinese National was charged for stealing technical data from Lockheed Martin, including the plans for the Raptors.
The Federal accusations mostly offer a high-level look from there, but China`s hackers followed a fairly standard playbook. Once they had established themselves on a computer, they would start downloading more malware to escalate their privileges, until they found what they are looking for: data. Chinese Information Operations and Information Warfare include the concept of network warfare, which is roughly analogous to the United States concepts of cyber warfare.
Foreign Policy provided an estimated range for China`s hackers’ army personnel, anywhere from 50,000 to 100,000 individuals. Technology Theft and other unfair business practices originating from China are costing the American economy more than $57 billion a year, White House Officials believe, and they expect that figure to grow.
China Hacked Dozens of US Government Agencies and Businesses
In dozens of interviews with the U.S. Government and business representatives, officials involved in commerce with China, hacking and theft were an open secret for almost two decades, allowed to quietly continue because U.S. companies had too much money at stake to make waves. Eventually, the hackers even installed their own VPN systems on the network so that they could enter at will over an encrypted connection.
A multi-year attack carried out by Chinese hackers was exposed recently, and the scope of it is beyond anything previously seen in nation-state cyber underground activities. A notorious team that is widely believed to have Chinese government support is believed to have compromised at least 10 major global carries and used their networks to track and spy on high-profile business leaders and members of foreign governments.
That makes these cyber underground activities incidents unique is that Chinese hackers appear to have been following their targets as they move from country to country, hopping from one breached network to another as needed. While this ability is not new, this kind of mass-scale has not been seen before. According to a Justice Department accusation, that is effectively what China has done to the rest of the world since 2014. That when the countries APT10 (Advanced Persistent Threat), the hacking group decided to target not just individual companies in its long-standing efforts to steal intellectual property, but instead focus on so-called manage service providers. They are the businesses that provide IT infrastructural like data storage or password management.
More Accusations Against China
For an even greater sense of scale: The accusations allege, among other things, that by hacking into a single New York-based MSP, APT10 was able to compromise data from companies in a dozen countries, from Brazil to the United Arab Emirates. With a single initial intrusion, Chinese spies could leapfrog to industries as varied as banking and finance, biotech, consumer electronics, health care, manufacturing, gas oil, telecommunications and more.
- The DOJ`s accusations – outline alleged APT10 activities that are focused on government agencies and defense contractors, dating back to 2006, that took a more conventional approach. But MSP hacks don`t just show China`s hacking sophistication; they demonstrate its ruthless efficiency and determination.
- More than 90% of the department`s cases alleging economic underground activities over the past seven years involve China, more than two-thirds of the departments’ cases involving thefts of trade secrets are connected to China. Compromise MSP, and you have a much easier path into all these clients. They`re super. Yet an investigation by Federal Agencies into why three successive administrations failed to stop cyber hacking from China found an unlikely obstacle for the government.
- The U.S – China Economic and Security Review Commission was set up in 2000 to examine the implications of growing economic ties with China. An expert on Chinese security issues at the conservative Heritage Foundation said the alleged Internet
- Hijacking appeared to be part of what he described as a disturbing pattern of aggressive Chinese Cyber Activities. All of this that from China`s view, a global conflict is already underway – in the virtual world of cyberspace, the ability to direct vast amounts of data constitutes a threat, not only to national security, but also to private companies and individuals, as their information, too, has now been put a risks.
Obama’s Say About The Issue
The past Obama administration officials say they did not turn a blind eye to the Google hack or cyber theft from China.
The administration was struggling with other important priorities, such as North Korea, Iran, the economic and climate change. Cybersecurity companies have gotten relatively good at observing and analyzing the tools and tactics of nation-state threat actors; they are less good at placing these actions in context sufficient enough for defenders to make solid risk assessments. In short, APT hackers put themselves in a position where they not only had access to MSP systems but could move through them as an administrator might. Using those privileges, they would initiate what`s known as Remote Desktop Protocol connections with other MSP computers and client networks.
Think of anytime an IT staffer has taken over your computer to troubleshoot, install Photoshop, whatever. It is like that, except instead of a friendly coworker it`s Chinese hackers hunting for secrets. China has denied these accusations of cyber warfare and has, in turn, accused the United States of engaging in cyber warfare against China – a claim the U.S. government denies. China`s hackers will continue to rob the world blind at every opportunity. At least, though, they may now be a little less anonymous when they do.
References:
- https://www.npr.org/2019/04/12/711779130/as-china-hacked-u-s-businesses-turned-a-blind-eye
- https://www.forbes.com/sites/zakdoffman/2019/06/25/chinese-government-suspected-of-major-hack-on-10-global-phone-companies-reports/#260e3ed132da
- https://www.wired.com/story/doj-indictment-chinese-hackers-apt10/
- https://edition.cnn.com/2019/02/20/tech/crowdstrike-china-hackers-us/index.html
