Jamie Collier, a consultant with Mandiant, a cybersecurity firm whose work is often cited by intelligence agencies, said the level of hacking emerging from China in 2021 was “a more kind of severe threat than we previously anticipated”. That culminated, in July, with the US, the EU, Nato, the UK and four other countries all accusing Beijing of being behind a massive exploitation of vulnerabilities in Microsoft’s widely used Exchange company server software in March. In some cases they blamed China’s Ministry of State Security (MSS) for directing the activity.

It affected about 250,000 organisations worldwide, allowing hackers from a group, which Microsoft has named Hafnium, to siphon off company emails for espionage, with the help of an easy-to-use “web shell” tool allowing anybody with the right password to hack into a compromised Exchange server. Once Microsoft was publicly alerted to the activity, attacks were rapidly stepped up on organisations that had not patched Exchange. Criminals, now aware of what was happening, were able to exploit the web shells, and in some cases they were booby-trapped if deleted – a brazen aspect of the hacking that surprised experts.

Ciaran Martin, the chief executive of the UK’s National Cyber Security Centre until last year, said: “What you saw here was real recklessness. The Hafnium attack on Exchange was in complete contrast to the Russian exploitation of SolarWinds software for espionage purposes. “In that case there was no collateral damage – but as for Hafnium when they realised they had been caught, the hackers booby-trapped the software on the way out.”

China, however, consistently denies being involved in hacking despite the attempts by the US and others to embarrass it. In July, China’s foreign ministry accused Washington of “ganging up with its allies” and engaging in “smear and suppression out of political motives”. It said the US was “the largest source of cyber-attacks in the world”, underlining the lack of agreement on the topic and touching on a genuine source of frustration in Beijing – that the US and other western allies have long engaged in traditional political espionage against countries like it.

Yet it was not meant to be like this: in September 2015, Presidents Barack Obama and Xi Jinping jointly announced a cybersecurity agreement. “Both governments will not be engaged in or knowingly support online theft of intellectual properties,” Xi said during a visit to the White House following similar language from Obama. An almost identical agreement was signed between the UK and China one month later.

At first the agreement had a deterrent effect, at least on the Chinese side, with reports of hacking emanating from the country sharply reduced from what experts describe as “loud, noisy” attempts to steal intellectual property previously.

But the situation changed after the 2016 election of Donald Trump, who adopted a more overtly combative tone towards Beijing. China, meanwhile, reorganised its hacking activities, taking away global operations from the People’s Liberation Army and switching them to the MSS. In the west, the penny slowly dropped as security agencies began to understand the impact of Operation Cloud Hopper, the name given to a sophisticated espionage campaign conducted against third-party IT services providers, with the aim of infiltrating them to steal secrets from a wide range of corporates such as the Swedish telecoms equipment maker Ericsson. The campaign may have run throughout the 2010s but by 2017 had become increasingly visible to western intelligence, revealing, as Martin observed, that “it was clear with the deterioration of Sino-American relations China no longer felt bound by the agreement with Obama”.

A year later, in December 2018, the US and the UK named a Chinese group known as APT10 or Stone Panda as behind the Cloud Hopper hacking. It was the first time the British had accused the Chinese government as being responsible for a cyber campaign, saying that the MSS was directing, or operating behind the hackers.

“In the past, Chinese groups were very sensitive to indictment, to the name and shame of public attribution,” said Collier. “Effectively when governments called them out, you’d see relatively quickly after those things happened, the activity would drop off. But what we are seeing is that is no longer the case any more.”