China Steps Up US Cyberattacks As Trade Tensions Worsen..(THEY Work Saturdays! 4 Shutdowns This Morning!)
by Tyler Durden
ZeroHedge.com
Sat, 06/23/2018
Despite signing a “digital truce” with the US in 2015 that banned the hacking of private companies, China has been green-lighting plenty of cyberattacks on US defense contractors, along with other targets, lately. And given the rising trade tensions with the US, these types of attacks are only expected to increase, according to Wired. To wit, one state-funded group recently infiltrated a Navy contractor and stole hundreds of gigabytes of information about submarines and undersea weapons, that have by now likely been handed over to the Chinese military.
As one source told Wired, China has backed off on intellectual property theft, as it promised to do when it signed the treaty. But it has more than compensated for this by redoubling its efforts to acquire US military intelligence.
“China’s actually backed off quite a bit on intellectual property theft, but when it comes to military trade secrets, military preparedness, military readiness, satellite communications, anything that involves the US’s ability to keep a cyber or military edge, China has been very heavily focused on those targets,” says David Kennedy, CEO of the threat tracking firm Binary Defense Systems, who formerly worked at the NSA and with the Marine Corps’ signal intelligence unit. “And the US does the same thing, by the way.”
Earlier this week, analysts from Symantec published their research tracking a series of attacks carried out by suspected Chinese hackers between November 2017 and April. The researchers dubbed the group “Thrip” – and what they have discovered is deeply troubling. The group, which the Symantec analysts have monitored since 2013, has learned to “hide in plain site” by using prefab malware to infiltrate networks, and then manipulate administrative controls to press further without tripping any alarms. Using off-the-shelf tools makes the group harder to identify. Still, the Symantec team found evidence of intrusions at some telecoms firms in southeast Asia, a US geospatial imagery company, a couple of private satellite companies including one US firm, and a US defense contractor.
And in what was probably Symantec’s most alarming discovery, the researchers learned that the hackers had managed to obtain operational control of orbiting satellite, giving them the ability to “disrupt data flows” or the satellite’s trajectory.
The researchers found evidence of intrusions at some southeast Asian telecom firms, a US geospatial imagery company, a couple of private satellite companies including one from the US, and a US defense contractor. The breaches were all deliberate and targeted, and in the case of the satellite firms the hackers moved all the way through to reach the control systems of actual orbiting satellites, where they could have impacted a satellite’s trajectory or disrupted data flow.
“It is scary,” says Jon DiMaggio, a senior threat intelligence analyst at Symantec who leads the research into Thrip.
“We looked at which systems they were interested in, where they spent the most time, and on the satellites it was command and control. And then they were also on the operational side for both the geospatial imagery and the telecom attacks.”
The Rest…HERE
