China Is 'biggest state sponsor of Cyber-Attacks on the West'

Security threats from Chinese companies building 5G networks could end up "putting all of us at risk" if they are not tackled quickly, according to a former security minister. 

Speaking to Sky News, Admiral Lord West, a former First Sea Lord who served under Gordon Brown as a security minister, urged the government to set up a unit reporting directly to the prime minister to monitor the risk posed by Chinese equipment in 5G.

5G has been hailed as the next great leap for mobile communications, enabling everything from smart cities to hologram calls.
However, the best 5G technology comes from Chinese companies, raising the fear that China's government could have ground-level access to, even control of, the UK's critical data infrastructure.

China has become the biggest state sponsor of cyber-attacks on the West, primarily in its bid to steal commercial secrets, according to a report by one of the world’s largest cybersecurity firms.

Crowdstrike, which revealed the Russian hack on the Democratic National Committee in 2016, said China was now ahead of Russia as the most prolific nation-state mounting attacks on firms, universities, government departments, think tanks and NGOs.

Its analysis of thousands of cyberattacks in the first six months of this year revealed more than a third (36pc) were targeted at technology firms, with a particular increase in attacks on biotechnology companies aimed at stealing their research secrets and intellectual property. Pharmaceutical, defence, mining and transport companies were also hit.

It said cyber-hackers were using increasingly sophisticated techniques to breach Western defences by replicating established software to hack firms, hijacking a firm’s clients’ computers as a potential ‘Trojan Horse’ route into their target and using personalised ‘phishing’ emails to senior executives.

China has become a bigger threat after a reorganisation of the People’s Liberation Army (PLA) put hacking in the hands of contract firms, effectively privatising operations.

Free of previous Chinese state bureaucracy, they are run by computer science experts with extensive links into hacking forums and groups, says Crowdstrike, which provides cybersecurity for half of the world’s biggest 20 multinationals.
IT giant Siemens was the biggest victim of one Chinese contractor in the US called Boyusec and which is linked to one of the more advanced and active Chinese government-sponsored espionage groups.

Three Chinese nationals at Boyusec have been charged with stealing 407 gigabytes of data from Siemens energy, technology and transport businesses, according to an unsealed justice department indictment. Two other firms, Moody’s Analytics and Trimble, were also targeted.

All three are residents of Guangzhou and have been accused of using spear phishing emails to get access to the firms’ computer networks. Boyusec has been linked to a hacker group known as Gothic Panda, which in turn has been connected to the Chinese Ministry of State Security (MSS).

Of 116 “adversary” groups identified by Crowdstrike, the bulk of nation-state cyber-attackers are Chinese followed by Russia with 10, Iran with eight, North Korea with five and a smattering of others including Pakistan, India, Vietnam, South Korea and some middle east governments.

According to Crowdstrike, it is not just firms that have been targeted. One attack began when an employee at a think tank received a message ostensibly from a university professor hosting a series of webinars for students.
The employee was invited to join one of the webinars as an expert speaker on global politics and economics. The video-conferencing application they downloaded was actually a ‘Trojan Horse’ version of a legitimate desktop programme which planted malicious software in the think tank.

In its report, Crowdstrike said it had uncovered highly-sophisticated techniques by hackers to hide their tracks in attacks on universities, a target because of their valuable research financial and personal data resources.

“Academic institutions also have reputations for somewhat relaxed IT security procedures, providing adversaries with potential opportunities to easily build malicious network infrastructures to facilitate additional attacks elsewhere,” it said.

Investigators uncovered growing evidence of cyberattacks on NGOs working overseas, in one case watching a hacker returning to an NGO’s systems to “perform access maintenance” to ‘sleeper’ files it had planted in the organisation. China, which has been extending its worldwide influence particularly in Africa, was suspected of the attack because of the technology used but Crowdstrike said it had not been able to confirm it.

Crowdstrike warned criminal gangs were getting more sophisticated, adopting the more advanced tactics and techniques of nation-state hackers to plant malicious software for fraud or identity theft. It has also seen a surge in criminal gangs hijacking companies’ computers to use them to generate crypto-currencies, a trend attributed to the rise in the value of such currencies in the winter of 2017.

Jennifer Ayers, Crowdstrike vice-president, said her biggest fear was a destructive global cyberattack using ransomware like that which crippled the NHS in May last year. An alleged North Korean spy has been charged in connection with the attack.

“We saw it with the NHS where people had to resort to using pen and paper. You could easily take that to the next level where smart technology, power plants and power grids are affected. That’s why a destructive global attack with ransomware scares me the most.

“The world wasn’t prepared for ransomware. It took some days to recover but it took others months.”

Telegraph:           Sky

You Might Also Read: 

Russia Stands Accused Of Global Hacking Campaign:

 

« British National Cyber-Centre Thwarts Hostile Hackers
How Cyber Criminals Are Using Social Media To Hack Bank Accounts »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Serena

Serena

Serena Software helps increase speed of the software development lifecycle while enhancing security, compliance, and performance.

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

Virgil Security

Virgil Security

Virgil Security provides easy-to-deploy and easy-to-use cryptographic software and services for use by developers and end-users.

Circadence

Circadence

Circadence offer the only fully immersive, AI-powered, patent-pending, proprietary cybersecurity training platform in the market today.

Cask Government Services

Cask Government Services

Cask Government Services focuses on program management, cybersecurity, logistics, business analysis and engineering services for Federal, State and Local Government.

Uleska

Uleska

Uleska is a scalable platform that provides automated and continuous software security testing whilst translating cyber risk.

Renesas Electronics

Renesas Electronics

Renesas Electronics delivers trusted embedded design innovation with solutions that enable billions of connected, intelligent devices to enhance the way people work and live - securely and safely.

Cybersecurity Coalition

Cybersecurity Coalition

The mission of the Cybersecurity Coalition is to bring together leading companies to help policymakers develop consensus-driven policy solutions to achieve improvements in cybersecurity.

TROOPERS

TROOPERS

TROOPERS InfoSec event consists of two days of high-end training, followed by a two-day, three-track conference, culminating in Roundtables on the final day.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Metabase Q

Metabase Q

Metabase Q protects you from financial and reputational losses with more efficient and intelligent cybersecurity, using the best worldwide in technologies, processes and specialists.

Check Point Software Technologies

Check Point Software Technologies

Check Point Software Technologies is a leading provider of cyber security solutions to governments and corporate enterprises globally.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

Stratsec

Stratsec

Stratsec is a global team of experts on a mission to protect human life, well-being and the environment against cyber-driven threats.

Cloud Carib

Cloud Carib

Cloud Carib is the premier provider of managed cloud services in the Caribbean and Latin American regions.