Quote: China’s communist regime is engaged in a worldwide campaign of cybercrime and leading experts believe that the United States is failing to respond swiftly enough to counter the threat.
“In the current era of cyber, it’s all about speed,” retired Army Col. John Mills told The Epoch Times.
“You have to presume a breach, and that the threat is inside. Looking at it from that perspective, it’s all about speed of identification, speed of ejection. The U.S. government is not good at that.”
All signs indicate that the Chinese Communist Party (CCP) and its proxies are engaged in a robust and global cybercrime campaign that aims to both destabilize the regime’s foes and position itself for a potential war with the United States.
“This is an extraordinary threat,” said Mr. Mills, who previously served as the director of Cybersecurity Policy, Strategy, and International Affairs at the Department of Defense.
A cache of leaked documents that surfaced in late February implicated the regime’s direct involvement in overseas cyber espionage.
The documents belonged to a criminal hacking group called I-Soon, which masquerades as a legitimate business in China, apparently with the regime’s blessing.
The leaked files revealed the group’s infiltration into government departments in India, South Korea, Thailand, Vietnam, and South Korea, as well as NATO organizations.
Files included product manuals, marketing materials, employee lists, chat records, financial information, and details about foreign infiltration efforts.
Some of the documents that were verified by the Associated Press show that the majority of the group’s clients are based within China’s regional security bureaus and the CCP’s Ministry of Public Security.
Mr. Mills said the revelation was “predictable,” and that CCP authorities have a long history of conducting illicit tasks in addition to their formal duties.
“The CCP and the government, which is one [and] the same thing, knew these people were moonlighting. This is part of the culture of corruption [in China],” Mr. Mills said.
The I-Soon leaks surfaced amid a wider flurry of CCP-backed cyber activity, in which the regime successfully infiltrated both U.S. critical infrastructure and the defense ministry of the Netherlands.
Casey Fleming, CEO of the risk advisory firm BlackOps Partners, said that the Volt Typhoon initiative was part of the CCP’s strategy of unrestricted warfare through which it aims to secure military advantage over the United States through non-military means.
“The CCP is hyper-focused on weakening the U.S. from all angles to win the war without fighting,” Mr. Fleming told The Epoch Times.
“This is what World War 3 looks like. It’s the speed of technology, the stealth of unrestricted warfare, and no rules.”
Chinese-Made Spying Tools
Same Article Wrote:The more recent I-Soon leaks also shed light on the tools Chinese cybercriminals are deploying to infiltrate, undermine, and exploit the regime’s rivals.
Its services included a tool for infiltrating users’ accounts on social media platform X, including the ability to access phone numbers, email accounts, personal messages, and real-time activity even if users have enabled two-factor authentication.
Likewise, I-Soon sold access to a custom suite of remote-access Trojans—malware capable of infecting Android, iOS, and Windows devices—which could, at times, alter registry files and collect GPS data, contacts, media files, and real-time audio recordings of conversations.
The Android version of the Trojan also had the capability of dumping all messages stored in major Chinese apps including QQ, WeChat, and Momo.
Notably, the I-Soon documents also revealed the existence of portable devices for “attacking networks from the inside,” including options to embed the malware in cellphone batteries, power strips, and circuit boards.
Similar devices could be outfitted with special equipment for operatives working abroad to establish safe communication with mainland China.
Mr. Mills said the regime is exploiting its advantage in the manufacturing domain to achieve dominance in cyberspace. China-based hackers are using manufacturing vulnerabilities in how devices connect and share data with one another.
And by smuggling malware into the United States with Chinese-made goods, he said, such devices could be used to penetrate the United States’ most critical infrastructure, as the Volt Typhoon malware was designed to do.
...
“The Internet of Things and critical infrastructure—that is still a very porous, vulnerable area,” Mr. Mills said.
“There’s a lot of industrial control systems and critical infrastructure. There’s a lot of obscure software programs and languages that are just not well understood, and they don’t scale as far as being able to secure them,” he added. “It’s very tailored and customized, which is inefficient and expensive, and that’s the reality of critical infrastructure.”
There are some indications that the Biden administration is beginning to tackle the issue of China-origin technology.
The Commerce Department announced on Feb. 29 that it intends to investigate and propose rules regarding vehicles with CCP-made technology.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
Quote: New Zealand’s Government Communications Security Bureau (GCSB) revealed on Monday that Chinese state-sponsored hackers attacked two computer systems used by the New Zealand Parliament in 2021.
GCSB said the hackers managed to access some data on the systems, but nothing of a “strategic or sensitive” nature.
The GCSB is New Zealand’s leading cybersecurity and signals intelligence organization. The agency revealed previously classified details of the 2021 Chinese cyberattack after sister agencies in the United States and United Kingdom disclosed details of similar attacks they have endured.
“This is the first time we have attributed state-sponsored malicious cyber activity to the People’s Republic of China, for intrusion into New Zealand government systems,” GCSB Director Andrew Clark said on Monday.
Clark explained that his agency detected malicious activity in two key computer networks used by Parliament in August 2021. GCSB linked the intrusion to China’s Ministry of State Security (MSS) and one of its many hacker groups, code-named APT40, with a high degree of confidence.
“This link has been reinforced by analysis from international partners of similar events in their own jurisdictions,” Clark said.
APT40 is classified as a Chinese state-linked hacker threat by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The group operates under various colorful aliases, including Bronze Mohawk, GreenCrash, and Kryptonite Panda.
APT40 has been active since at least 2009, targeting government, corporate, and academic computer systems in the U.S., Canada, Europe, the Middle East, and the South China Sea region. The group has a predilection for attacking industries that might compete with China’s Belt and Road Initiative (BRI). The U.S. Department of Justice (DOJ) indicted four members of APT40 for cyber espionage in July 2021.
The 2021 New Zealand intrusion was described in detail in a statement released by GCSB minister Judith Collins, who condemned China for targeting New Zealand’s Parliament and the UK Electoral Commission with “malicious cyber activity.”
The government of New Zealand summoned Chinese Ambassador Wang Xiaolong to lodge a complaint and ask China to desist from such cyber-espionage in the future. However, New Zealand stopped short of leveling punitive sanctions against Beijing.
“Foreign interference of this nature is unacceptable, and we have urged China to refrain from such activity in future,” said Foreign Minister Winston Peters.