Cybersecurity & Espionage Articles
https://www.seattletimes.com/business/technology/spies-for-hire-chinas-new-breed-of-hackers-blends-espionage-and-entrepreneurship/
China’s buzzy high-tech companies do not usually recruit Cambodian speakers, so the job ads for three well-paid positions with those language skills stood out. The ad, seeking writers of research reports, was placed by an internet security startup in China’s tropical island province of Hainan. That startup was more than it seemed, according to U.S. law enforcement. Hainan Xiandun Technology was part of a web of front companies controlled by China’s secretive state security ministry, according to a federal indictment from May. They hacked computers from the United States to Cambodia to Saudi Arabia, seeking sensitive government data as well as less-obvious spy stuff, like details of a New Jersey company’s fire-suppression system, according to prosecutors. The accusations appear to reflect an increasingly aggressive campaign by Chinese government hackers and a pronounced shift in their tactics: China’s premier spy agency is increasingly reaching beyond its own ranks to recruit from a vast pool of private-sector talent. This new group of hackers has made China’s state cyberspying machine stronger, more sophisticated and — for its growing array of government and private-sector targets — more dangerously unpredictable. Sponsored but not necessarily micromanaged by Beijing, this new breed of hacker attacks government targets and private companies alike, mixing traditional espionage with outright fraud and other crimes for profit.
0 Comments
https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html
A Nigerian threat actor has been observed attempting to recruit employees by offering them to pay $1 million in bitcoins to deploy Black Kingdom ransomware on companies' networks as part of an insider threat scheme. "The sender tells the employee that if they're able to deploy ransomware on a company computer or Windows server, then they would be paid $1 million in bitcoin, or 40% of the presumed $2.5 million ransom," Abnormal Security said in a report published Thursday. "The employee is told they can launch the ransomware physically or remotely. The sender provided two methods to contact them if the employee is interested—an Outlook email account and a Telegram username." The FBI’s warning to Silicon Valley: China and Russia are trying to turn your employees into spies8/18/2021 https://www.protocol.com/fbi-delta-protocol-economic-espionage
When FBI special agent Nick Shenkin starts talking about spies in Silicon Valley, he's not describing a James Bond movie or even what people have seen on "The Americans." Instead, what he's there to warn the tech sector about is less dramatic but perhaps more insidious: the insider threat of economic espionage and intellectual property theft. It's not the Hollywood image of espionage. But the risk to tech companies is real, the FBI says: Employees are being persuaded, or more typically, coerced by foreign autocracies into stealing information or handing over login credentials. In one case Shenkin worked on, Chinese government agents threatened to deny an employee's mother dialysis back in China if he didn't steal proprietary information from a large hardware/software company. "This is a quotidian activity," Shenkin told Protocol in an interview. "This is a massive fundamental activity that bolsters and is one of the mainstays of many autocratic countries and their governments." For the last few years, San Francisco-based Shenkin has been quietly briefing venture firms, startups, academics and tech industry groups that might be of interest to foreign actors. It's not the glamorous spy stings that form movie plots, but a subtle way of fighting espionage through education. After Protocol heard about the briefings from multiple sources, the FBI agreed to an interview about the content of the briefings and shared its framework, called the "Delta Protocol" (no relation to COVID-19 or this publication), which the agency developed to distribute to startups so they can learn to protect themselves. "The reason why we're being so much more assertive about these briefings and trying to be more open with U.S. industry is because we've just come to the realization that if there is no cost, then they will continue to do what they're doing," Shenkin said. "So the briefings are like, 'Please American companies, raise your shields, protect yourselves, make it more expensive for the thieves to rob you, and the country is stronger, and you're stronger.'" |
Cyber-CyI find interesting articles on the web that are simple, down-to-earth, easy to understand, and (hopefully) informative for non-technical readers. Archives
November 2022
Categories |