This story originally appeared on wired.com.
The mystery of China’s sudden warnings about US hackers
China has recently begun saber-rattling about American cyberespionage.
For the best part of a decade, US officials and cybersecurity companies have been naming and shaming hackers they believe work for the Chinese government. These hackers have stolen terabytes of data from companies like pharmaceutical and video game firms, compromised servers, stripped security protections, and highjacked hacking tools, according to security experts. And as China’s alleged hacking has grown more brazen, individual Chinese hackers face indictments. However, things may be changing.
Since the start of 2022, China’s Foreign Ministry and the country’s cybersecurity firms have increasingly been calling out alleged US cyberespionage. Until now, these allegations have been a rarity. . .The move may be a strategic change for China as the nation tussles to cement its position as a tech superpower.
[. ] China’s accusations, which were noted by security journalist Catalin Cimpanu, all follow a very similar pattern. On February 23, Chinese security company Pangu Lab published allegations that the US National Security Agency’s elite Equation Group hackers used a backdoor, dubbed Bvp47, to monitor 45 countries. The Global Times, a tabloid newspaper that’s part of China’s state-controlled media, ran an exclusive report on the research.
Weeks later, on March 14, the newspaper had a second exclusive story about another NSA tool, NOPEN, based on details from China’s National Computer Virus Emergency Response Center. A week later, Chinese cybersecurity firm Qihoo 360 alleged that US hackers had been attacking Chinese companies and organizations.
And on April 19, the Global Times reported on further National Computer Virus Emergency Response Center findings about HIVE, malware developed by the CIA.
The reports are accompanied with a flurry of statements—often in response to questions from the media—by China’s Foreign Ministry spokespeople. “China is gravely concerned over the irresponsible malicious cyber activities of the US government,” Foreign Ministry spokesperson Wang Wenbin said in April after one of the announcements. “We urge the US side to explain itself and immediately stop such malicious activities.”
>> Over the first nine days of May, Foreign Ministry spokespeople commented on US cyber activities at least three times. “One cannot whitewash himself by smearing others,” Zhao Lijian said in one instance.
While cyber activity undertaken by state actors is often wrapped in highly classified files, many hacking tools developed by the US are no longer secret. In 2017, WikiLeaks published 9,000 documents in the Vault7 leaks, which detailed many of the CIA’s tools. A year earlier, the mysterious Shadow Brokers hacking group stole data from one of the NSA’s elite hacking teams and slowly dripped the data to the world. The Shadow Brokers leaks included dozens of exploits and new zero-days—including the Eternal Blue hacking tool, which has since been used repeatedly in some of the largest cyberattacks.
Many of the details in the Shadow Brokers leaks match up with details about NSA which were disclosed by Edward Snowden in 2013. (An NSA spokesperson said it has “no comment” for this story; the agency routinely does not comment on its activities.)
Ben Read, director of cyberespionage analysis at the US cybersecurity firm Mandiant, says China’s state media push of alleged US hacking seems to be consistent, . .
Many of the disclosures in 2022—there are only a handful of previous Chinese accusations against the US—stem from private cybersecurity companies. This is similar to how Western cybersecurity companies report their findings; they are not always incorporated into government talking points, however, and state-backed media is all but nonexistent.
The potential shift in tactics could play into wider policies around technology use and development. In recent years, China’s policies have focused on positioning itself as a dominant force in technology standards in everything from 5G to quantum computers. A raft of new cybersecurity and privacy laws have detailed how companies should handle data and protect national information—including the potential for hoarding previously unknown vulnerabilities.
“One explanation is, possibly, that we are engaged in a kind of ideological—or if you want to put it more prosaically, a marketing—battle with China,” says Suzanne Spaulding, a senior adviser at the Center for Strategic and International Studies and previously a senior cybersecurity official in the Obama administration. . ."
READ MORE >> https://arstechnica.com/information-technology/2022/05/the-mystery-of-chinas-sudden-warnings-about-us-hackers/
RELATED CONTENT ON THIS BLOG
25 December 2020
One More "Endless War" CYBERWARFARE > Nation-States & Cyber-Spies / The Blame Game
US CyberSpy vs CyberSpy Incompetence
Spy vs Spy was a Mad Magazine comic strip started during the Cold War era in 1961. Drawn by Antonia Prohias, the strip featured two spies one level too clever such that they inevitably did themselves in with scheming stunts of self-destruction
No comments:
Post a Comment