China’s Hackers Have Stolen EU, US & Global Secrets

A US Justice Department indictment, issued on 20th December, announced the criminal indictment of two individuals, Zhu Hua and Zhang Shilong, who were alleged to be part of A

The Five Eyes intelligence group (US, UK, Australia, Canada and New Zealand) believes that China has been using hackers, and sometimes students as short-term hackers before they go into academic study, often overseas.

These hackers have been used to gather military, technology and commercial information and secrets from other countries in order to support and improve China’s intelligence and commercial position in the world. China’s group of best hackers, known as APT10 (APT is short for “Advanced Persistent Threat”), decided to target not just individual companies in its long-standing efforts to steal intellectual property, but instead to focus on so-called Managed Service Providers (MSPs).
These are the companies that offer electronic systems like data backup and password management under a subscription model. If hackers can get into an MSP’s data system, they can download information from the commercial and/or government data and secrets held there.

The indictment suggests that China, by hacking into a particular New York MSP, was able to steal data from companies in lots of countries, from Chile to Australia.

This secret intrusion process allowed China to gather information from a wide variety of businesses, parts of government and industries, from telecoms and IT to banking and manufacturing. UK Foreign Secretary Jeremy Hunt said:

"This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world.

"These activities must stop. They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.

"Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld."

MSP Attack
These hacks often begin with an email saying that a particular issue is important and needs attention. The message appears to be legitimate, seems to come from a supply partner company, and asks the receiver to open an attached file.
However, this is a phishing email that, once opened, gives the hacker access to passwords and the like. Even if some of the security systems tried to block access, the hackers would change the IP address and continue the hacking process.
Once these Chinese hackers had established themselves on a computer, they would download more malware until they got what they were after.

Using these systems and collection processes, the hackers have obtained massive amounts of valuable information and data since at least 2014.

These Chinese hackers stole hundreds of gigabytes of data from dozens of companies, the indictment suggests. While the Justice Department didn’t name any specific victims, the Department of Homeland Security has set up a page providing guidance for any company that thinks it might have been attacked. 

No Armistice
This whole process is now set against the agreement China and America made three years ago that they would not hack each other’s commercial businesses. China, like other major countries, has used these hacking attacks and intrusions in ways similar to the different methods used over the centuries by one nation to gather secrets from another country and use them, governmentally and commercially, for its own benefit.

News by CSI:
