Cybersecurity & Espionage Articles
https://www.infosecurity-magazine.com/news/social-media-expose-80-oversharing/
Over 80% of British and American employees overshare on social media, potentially exposing themselves and their organization to online fraud, phishing and other cyber-threats, according to Tessian. The email security vendor polled 4000 UK and US professionals and interviewed 10 hackers specializing in social engineering to compile its latest research: How to Hack a Human. It revealed that half of respondents share names and photos of their children, 72% mention birthdays and even more (81%) update their job status on social media. Even worse, over half (55%) admitted they have public profiles on Facebook, and only one third (32%) have a private Instagram account. An overwhelming majority (84%) post on social media every week and over two-fifths (42%) do so every day. The report highlighted numerous ways scammers can use this readily available online information to target individuals; for example, by spoofing a senior exec in a new company they have just revealed as joining. “Most people are very verbose about what they share online. You can find virtually anything,” explained MyCrypto security and anti-phishing expert, Harry Denley. “Even if you can’t find it publicly, it’s easy enough to create an account to social engineer details or get behind some sort of wall. For example, you could become a ‘friend’ in their circle.” Even out of office messages, if they contain too much information, could be used against the individual, by giving the green light to a hacker to impersonate them online, Tessian warned. The vendor claimed its own analysis reveals that social engineering attacks and wire fraud attacks both increased by 15% during the last six months of 2020, versus the previous six. Some 88% of respondents said they had received a suspicious email in 2020. The vendor’s CEO, Tim Sadler, argued that the vast volume of personal information being shared online is making cyber-criminals’ jobs much easier. “While all these pieces of information may seem harmless in isolation — a birthday post, a job update, a like — hackers will stitch them together to create a complete picture of their targets and make scams as believable as possible,” he added. “Remember, hackers have nothing but time on their hands. We need to make securing data feel as normal as giving up data. We also need to help people understand how their information can be used against them, in phishing attacks, if we’re going to stop hackers hacking humans.”
0 Comments
https://news.clearancejobs.com/2020/12/30/the-top-5-u-s-espionage-cases-of-2020/ The year 2020, was a year steeped with several espionage cases coming to light. As expected, China and Russia compromised the top five cases in which a nation state targeted the United States using espionage to acquire information and technological know-how. These cases are: #5 CHINA’S THOUSAND TALENT PROGRAM Throughout 2020 the successful penetration of a plethora of U.S. academic and research entities was made by China througfh their Thousand Talents Program. This program identified individuals who were conducting research that was of interest to China. An approach was made to allow for the assessment and subsequent covert collaboration on the research, much of it conducted on the U.S. government’s dime, with a Chinese entity. The recruited individual would be paid twice for the same research, once with a grant provided by the U.S. government through agencies like NIH, NASA, NSA and DoD. The researchers were paid again within the envelop of the Chinese commercial agreement. #4 CHINESE PENETRATE DEPARTMENT OF ENERGY In July 2020 it became known that two Chinese nationals – Li Xiaoyu and Dong Jiazhi, operating on behalf of the MSS successfully penetrated the U.S. Department of Energy. Specifically, they compromised the Hanford Site located in Washington State from 2015 to 2018. The duo, according to the FBI, conducted 11 years of economic espionage, intellectual property theft, extortion and computer fraud. The two individuals are not MSS or PLA employees, they are contractors, and thus provided to the Chinese a layer of plausible deniability as they attacked their target’s cyber infrastructure. Their success was not limited to the United States, they were, according to the indictment, successful in penetrating entities in 10 other countries and heisting terabytes of data worth millions of dollars to the benefit of China. #3 JUN WEI YEO AKA DICKSON YEO Yeo was a Singaporean citizen who lived and operated within commercial spaces in Singapore and Washington, DC to spot, assess and recruit assets on behalf of China’s Ministry of State Security and the People’s Liberation Army. In 2018 Yeo was instructed by his handlers to create a fake company and use job boards to find potential “consulting” candidates by posting fake jobs. He did just that, using a number of online entities, including LinkedIn. It was on LinkedIn that Yeo was most successful when he received over 400 resumes of individuals interested in the ostensible consulting work. In a sobering aspect of his success, Yeo claimed that over 90% of those resumes were from U.S. citizens with current national security clearances. Yeo noted how the LinkeIn AI would serve up to him candidates every day based on his “criteria” – “it was like he was addicted to LinkedIn.” Three of his identified successes were an individual working on the F-35B military aircraft, an officer within the U.S. Army in the Pentagon, and a State Department employee. #2 ALEXANDER YUK CHING MA Ma was a contractor within FBI Honolulu who was recruited in 2001 by China and worked within FBI’s Honolulu’s division from 2004 to 2010 doing Chinese language translation work on their counterintelligence cases. From 1982 to 1990, Ma worked as a staff officer within the CIA. When recruited in 2001 he provided a plethora of historical information concerning the CIA including his work experiences and activities, cover used by CIA officers abroad, descriptions of cryptographic equipment and CIA communications, information concerning the structure and organization of the CIA, operational tradecraft used by the CIA, and more to China’s Ministry of State Security. He was directed by the MSS to get a job with the FBI. He was turned down as a special agent due to age restrictions (he was too old). He then sought and acquired the contract linguist position at in Honolulu. The criminal complaint notes that he was a prolific source for the MSS. His methodology involved photographing or screen capturing images of translated documents. He would use a digital camera, make a CD-ROM disc, photocopy documents, or capture images with his smartphone. He even inserted a digital storage device into the FBI network and copied documents from within the FBI Honolulu secure work area. Ma was discovered when a videotape of his 2001 recruitment meeting made its way to the U.S. This allowed the FBI to make a false-flag approach to Ma in January 2019 in which he implicated himself – the FBI employee posing as MSS showed the videotape of Ma’s recruitment as bona fides. #1 PETER DEBBINS The former U.S. Special Forces officer pleaded guilty to years of espionage from December 1996 to January 2011 on behalf of the Russian Federation, and handled by Russian military intelligence, the GRU. Readers will remember that he was spotted and assessed during a study abroad program when he traveled to Chelyabinsk, Russia. He would return following graduation from university to marry his Russian girlfriend and would at that time be formally recruited as a clandestine asset. His GRU handlers issued to him a rudimentary covert communication plan. His operational instructions were to join the U.S. military and do a fine job, and that he did. He would travel to Russia now and again to visit his wife’s family in Chelybinsk. On these trips he would meet with his GRU handlers and provide them with information about his deployments and personnel. When he left the military in late 2010, so did the narrative upon which he was indicted and pleaded guilty. What remains a mystery to the lay person, is the extent of the covert relationship from 2011 when Debbins began a civilian career which garnered him classified access within the intelligence and defense communities, to include NSA, DIA, the U.S. military, and NATO from 2011 to 2019. In 2019, during a periodic review for his national security clearance, is when he told the investigator he had had a covert relationship with the GRU. #BONUS – SOLARWINDS ORION The SolarWinds Orion software exploit is of sufficient magnitude that CISA issued an Emergency Directive telling all government users to unplug and report back with a status report within 24 hours. The SEC report from SolarWinds suggests that their Microsoft Office 365 email infrastructure was compromised, which allowed the adversary into the ecosystem of SolarWinds. From there, automated updates to the SolarWinds Orion were compromised and when the customer updated their software packages, the adversary gained their foothold. While we still don’t have all the details, and won’t for some time, it is apparent the Russian government’s intelligence apparatus identified a vulnerability at SolarWinds, analyzed the vulnerability and then exploited the vulnerability – intelligence agencies doing what they do best, collect information on an adversary country. The SolarWinds Orion compromise may very will be the most damaging of all the 2020 espionage cases, and the CISA has characterized it as having put the United States at grave risk. THE TAKEAWAYS FOR FSO’S
The takeaway for every Facility Security Officer and those who are responsible for their entity’s insider threat counterespionage/counterintelligence program is that the adversary never takes their foot off the operational accelerator of their espionage activities. These cases highlight the actualization of the operational use of fake consulting contracts designed to acquire privileged information, the use of illegal collaboration agreements to acquire U.S. government paid research, and the fact that historical knowledge continues to have value. Perhaps the most important takeaway is the fact that both China and Russia are engaged for the long-haul. They use seeding techniques to place personnel into the U.S. intelligence and defense sectors and watch their access grow and will seek out and identify vulnerabilities within infrastructure which will provide discreet and ongoing access. Original article at DOJ.gov
A complaint and arrest warrant were unsealed today in federal court in Brooklyn charging Xinjiang Jin, also known as “Julien Jin,” with conspiracy to commit interstate harassment and unlawful conspiracy to transfer a means of identification. Jin, an employee of a U.S.-based telecommunications company (Company-1) who was based in the People’s Republic of China (PRC), allegedly participated in a scheme to disrupt a series of meetings in May and June 2020 held to commemorate the June 4, 1989 Tiananmen Square massacre in the PRC. The meetings were conducted using a videoconferencing program provided by Company-1, and were organized and hosted by U.S-based individuals, including individuals residing in the Eastern District of New York. Jin is not in U.S. custody. “No company with significant business interests in China is immune from the coercive power of the Chinese Communist Party,” said Assistant Attorney General for National Security John C. Demers. “The Chinese Communist Party will use those within its reach to sap the tree of liberty, stifling free speech in China, the United States and elsewhere about the Party’s repression of the Chinese people. For companies with operations in China, like that here, this reality may mean executives being coopted to further repressive activity at odds with the values that have allowed that company to flourish here.” “The FBI remains committed to protecting the exercise of free speech for all Americans. As this complaint alleges, that freedom was directly infringed upon by the pernicious activities of Communist China’s Intelligence Services, in support of a regime that neither reflects nor upholds our democratic values,” said FBI Director Christopher Wray. “Americans should understand that the Chinese Government will not hesitate to exploit companies operating in China to further their international agenda, including repression of free speech.” “The allegations in the complaint lay bare the Faustian bargain that the PRC government demands of U.S. technology companies doing business within the PRC’s borders, and the insider threat that those companies face from their own employees in the PRC,” said Acting United States Attorney Seth D. DuCharme. “As alleged, Jin worked closely with the PRC government and members of PRC intelligence services to help the PRC government silence the political and religious speech of users of the platform of a U.S. technology company. Jin willingly committed crimes, and sought to mislead others at the company, to help PRC authorities censor and punish U.S. users’ core political speech merely for exercising their rights to free expression. The charges announced today make clear that employees working in the PRC for U.S. technology companies make those companies—and their users—vulnerable to the malign influence of the PRC government. This Office will continue working tirelessly to protect against threats to the free expression of political views and religious beliefs, regardless whether those threats come from inside or outside the United States.” Mr. DuCharme and Mr. Demers also extended their thanks and appreciation to Company-1 for its cooperation in the government’s ongoing investigation. According to the complaint, Jin served as Company-1’s primary liaison with PRC law enforcement and intelligence services. In that capacity, he regularly responded to requests from the PRC government for information and to terminate video meetings hosted on Company-1’s video communications platform. Part of Jin’s duties included providing information to the PRC government about Company-1’s users and meetings, and in some cases he provided information – such as Internet Protocol addresses, names and email addresses – of users located outside of the PRC. Jin was also responsible for proactively monitoring Company-1’s video communications platform for what the PRC government considers to be “illegal” meetings to discuss political and religious subjects unacceptable to the Chinese Communist Party (CCP) and the PRC government. As alleged in the complaint, between January 2019 to the present, Jin and others conspired to use Company-1’s systems in the United States to censor the political and religious speech of individuals located in the United States and around the world at the direction and under the control of officials of the PRC government. Among other actions taken at the direction of the PRC government, Jin and others terminated at least four video meetings hosted on Company-1’s networks commemorating the thirty-first anniversary of the Tiananmen Square massacre, most of which were organized and attended by U.S.-based participants, such as dissidents who had participated in and survived the 1989 protests. Some of the participants who were unable to attend these meetings were Company-1 customers in Queens and Long Island, New York who had purchased subscriptions to Company-1’s services, and therefore entered into service agreements with Company-1 governed by its Terms of Service (TOS). Jin, officials from the PRC government and others allegedly collaborated to identify meeting participants and to disrupt meetings hosted on Company-1’s U.S. servers, at times creating pretextual reasons to justify their actions to other employees and executives of Company-1, as well as Company-1’s users themselves. In particular, in May and June 2020, Jin and others acted to disrupt meetings held on the Company-1 platform to discuss politically sensitive topics unacceptable to the PRC government by infiltrating the meetings to gather evidence about purported misconduct occurring in those meetings. In fact, there was no misconduct; Jin and his co-conspirators fabricated evidence of TOS violations to provide justification for terminating the meetings, as well as certain participants’ accounts. Jin then tasked a high-ranking employee of Company-1 in the United States to effect the termination of meetings and the suspension and cancellation of user accounts. As detailed in the complaint, Jin’s co-conspirators created fake email accounts and Company-1 accounts in the names of others, including PRC political dissidents, to fabricate evidence that the hosts of and participants in the meetings to commemorate the Tiananmen Square massacre were supporting terrorist organizations, inciting violence or distributing child pornography. The fabricated evidence falsely asserted that the meetings included discussions of child abuse or exploitation, terrorism, racism or incitements to violence, and sometimes included screenshots of the purported participants’ user profiles featuring, for example, a masked person holding a flag resembling that of the Islamic State terrorist group. Jin used the complaints as evidence to persuade Company-1 executives based in the United States to terminate meetings and suspend or terminate the user accounts of the meeting hosts. PRC authorities took advantage of information provided by Jin to retaliate against and intimidate participants residing in the PRC, or PRC-based family members of meeting participants. PRC authorities temporarily detained at least one person who planned to speak during a commemoration meeting. In another case, PRC authorities visited family members of a participant in the meetings and directed them to tell the participant to cease speaking out against the PRC government and rather to support socialism and the CCP. The charges in the complaint are allegations, and the defendant is presumed innocent unless and until proven guilty. If convicted of both charged conspiracies, Jin faces a maximum sentence of ten years in prison. The investigation into this matter was conducted by the FBI’s Washington Field Office. The government’s case is being handled by the Office’s National Security and Cybercrime Section. Assistant U.S. Attorneys Alexander A. Solomon, Richard M. Tucker, David K. Kessler and Ian C. Richardson are in charge of the prosecution, with assistance from Trial Attorney Scott A. Claffee of the National Security Division’s Counterintelligence and Export Control Section. https://blog.zoom.us/our-perspective-on-the-doj-complaint/
In September 2019, the Chinese government turned off our service in China without warning. At that time, we were a much smaller company primarily serving businesses. The shutdown caused significant disruption for many of our multinational customers, who could not effectively communicate with their employees and partners in China. They urged us to take immediate action to get the service resumed. https://foreignpolicy.com/2020/12/16/chinese-communist-party-members-list-media-scare-story-xi-jinping-influence/
Original article at DoJ.gov
Federal authorities have arrested a former Department of Defense civilian official on charges that he took $34,000 in illegal cash payments from a private contractor to support the contractor’s effort to obtain $6.4 million from the government in connection with construction projects on a Navy base in the African nation of Djibouti, the Justice Department announced today. Nizar Farhat, 63, of Palm Desert, who was a former construction manager based at the Marine Corps Air Ground Combat Center in Twentynine Palms, appeared this morning in United States District Court in Charleston, South Carolina, where a judge set his bond at $75,000. Farhat was arrested on Friday by FBI agents in Mount Pleasant, South Carolina, where he has been staying in recent months. Farhat is charged in a two-count indictment returned by a federal grand jury on December 4 that charges him with being a public official receiving an illegal gratuity and being a public official receiving compensation from a private party for government services. In 2014 and 2015, Farhat was on assigned temporary duty at the United States Navy Base Camp Lemonnier in Djibouti, where he oversaw a private company’s $15 million contract to construct an aircraft hangar and a telecommunications facility. After the projects were completed, the company submitted to the Defense Department Requests for Equitable Adjustment (REAs) that sought $6.43 million in additional payments. The indictment alleges that Farhat accepted $20,000 in cash from the company for performing official acts, specifically recommending that the Navy certify completion of the construction projects and pay the additional $6.43 million the company requested in the REAs. The indictment also alleges that Farhat took another $14,000 in cash from the company as compensation for advising the company and drafting the REAs submitted to the Defense Department. The vast majority of the REAs remain under review by the Defense Department. An indictment contains allegations that a defendant has committed a crime. Every defendant is presumed innocent until and unless proven guilty beyond a reasonable doubt. If convicted of both charges, Farhat would face a statutory maximum sentence of seven years in federal prison. This matter was investigated by the FBI and Naval Criminal Investigative Service. Leaked Files Reveal Hundreds of CCP Members Are Working Inside Big Companies and Government Agencies12/13/2020 Original article at International Business Times
A leaked database of 1.95 million registered Chinese Communist Party members has provided an "unprecedented view" into the structure and method of operation of the party. The leak exposes how branches of CCP are embedded in some of the world's biggest companies, and also in some government agencies. Robert Potter, cybersecurity analyst and co-founder of Internet 2.0, said this is not something that becomes available every day. "It shows how the party has increasingly taken on a global view the way that it interacts with foreign companies, the way that it seeks to influence and engage in operations abroad," he said. The leaked database contains a register with the details of CCP members, including their names, position in the party, birthday, national ID number, and ethnicity. The major leak of official records comes after President Xi Jinping said on Saturday, December 12, that political security will be a top priority in the next five years and urged that CCP should maintain the safety of the Chinese political system. Original article at FoxNews.com
It is the stuff of a James Bond blockbuster: a young, attractive woman lures a rising political star into a romantic web, all the while collecting critical information to trickle back to her handler or big bosses back home. Original Press Release at DoJ.gov
A former Dublin, Ohio man pleaded guilty in U.S. District Court today to conspiring to steal exosome-related trade secrets concerning the research, identification and treatment of a range of pediatric medical conditions. Yu Zhou, 50, also pleaded guilty to conspiring to commit wire fraud. Zhou admitted to conspiring to steal scientific trade secrets related to exosomes and exosome isolation from Nationwide Children’s Hospital’s Research Institute for his own personal financial gain in China. “The Chinese government has created a large-scale, sophisticated system to steal American ingenuity,” U.S. Attorney David M. DeVillers said. “We hope this conviction demonstrates that we will fight this system.” Original article at FoxNews
It is the stuff of a James Bond blockbuster: a young, attractive woman lures a rising political star into a romantic web, all the while collecting critical information to trickle back to her handler or big bosses back home. Axios revealed this week that more than six years ago Rep. Eric Swalwell, D-Calif., began a relationship with a woman suspected of being a Chinese espionage operative. He was alerted by federal investigators in 2015 and given a "defense briefing," which resulted in him breaking off ties to the suspect. However, Swalwell wouldn't be the first or last political figure to be "honey-trapped" – with multiple former intelligence officials surmising that such schemes carried out by Chinese spies have long played out on U.S. soil, and remain ongoing. "I can say with a high level of confidence that there are many more of these women out there," Daniel Hoffman, a retired CIA Senior Clandestine Services Officer, told Fox News. "China's MO is to flood the zone." Original article at Axios A suspected Chinese intelligence operative developed extensive ties with local and national politicians, including a U.S. congressman, in what U.S. officials believe was a political intelligence operation run by China’s main civilian spy agency between 2011 and 2015, Axios found in a yearlong investigation. Why it matters: The alleged operation offers a rare window into how Beijing has tried to gain access to and influence U.S. political circles.
Original article at the New York Post
She was a Chinese Mata Hari — who allegedly slept with at least two Midwestern mayors while cozying up to a slew of pols across the country in a bid to infiltrate the US political system. Fetching accused Chinese government spy Fang Fang, a k a Christine Fang, entered the US through California as a college student in 2011 — and spent the next four years wooing everyone from local politicos to US congressmen, said the Web site Axios, citing current and former US intelligence officials. Among the pols who Fang got close to was California Democratic Rep. Eric Swalwell, and she also once helped raise funds for Rep. Tulsi Gabbard (D-Hawaii), sources said. “She was on a mission,’’ a US counter-intelligence official said of Fang — and it included plenty of seduction before the feds got wind of her antics and she vanished in 2015. The idea was for Fang to maneuver herself into key government circles — and sometimes politicians’ beds — to gain personal information about them while ingratiating herself with unwitting potential up-and-coming heavy-hitters, intelligence sources told Axios. US officials know of at least two mayors who had romantic relationships with Fang, likely now in her late 30s or early 40s, for about three years, the site said. The accused spy had sex with an Ohio mayor in a car, an incident caught on FBI electronic surveillance, an intelligence official said. The mayor asked Fang at one point why she was into him, and she allegedly replied that she needed to improve her English. Original article at DoJ.gov
Dr. Qingyun Sun, of Morgantown, West Virginia, was sentenced today to three years of probation, with the first four months on home confinement, after defrauding West Virginia University and filing a false tax return, both offenses arising out of his official travel to China, U.S. Attorney Bill Powell announced. Sun, age 58, pleaded guilty to a two-count information charging him with wire fraud and filing a false tax return in July 2020. Sun was a Chinese National employed by WVU as an associate professor and the associate director of the United States-China Energy Center at the University. As a part of his employment at WVU, through the West Virginia Development Office, he also acted as the Governor’s assistant for China affairs. He was also employed by Synfuels Americas Corporation, an energy conversion technology provider of coal-to-liquids and gas-to-liquids processes located in Sterling, Virginia, but headquartered in Beijing, China. From July 2011 to May 2015, Peabody Energy Generation Holding Company based in St. Louis, Missouri, paid consulting fees to Energy United LC, a consulting business Sun established in 2005. The scheme involved Sun’s operation of his consulting business through Energy United. In 2015, Sun traveled to China on behalf of WVU and the WV Development Office to prepare for an upcoming visit to China by WVU representatives and to lead a West Virginia industrial delegation for a coal expo in Beijing. Sun booked both a coach flight and a business class flight for this trip, submitting a request for reimbursement to WVU for the coach flight, and submitting a request for reimbursement to Synfuels Americas for the business flight. Sun only used the business class ticket for his trip. In 2014, Sun filed a joint income tax return with his wife, grossly overstating his business-related travel expenses, when a large sum of those travel expenses were paid for by a State Purchasing Card, or reimbursed to him by WVU and Peabody Energy. He also failed to state any financial interest in, or authority over, a financial account in a foreign country. Sun had an interest in numerous financial accounts in China. As a part of the plea agreement, Sun has agreed to pay restitution in the amount of $6,233.12 in full to WVU. Sun is no longer employed by WVU. Sun was also ordered to pay for the four months of home confinement monitoring as a part of his sentencing. Assistant U.S. Attorney Jarod J. Douglas prosecuted the case on behalf of the government. The FBI and the Internal Revenue Service investigated. WVU cooperated in the investigation of this case. Original article at NewsWeek.com
Washington "shouldn't treat everyone as a spy," China's foreign ministry said Thursday, after senior U.S. security officials revealed that more than 1,000 Chinese researchers had fled the country amid a Justice Department crackdown on espionage activity. John Demers, chief of the DOJ's National Security Division, said the U.S. government has managed to disrupt "a significant amount of malign Chinese activity" in the past two to three years. "In the eyes of some, there is only hatred, division and confrontation," Chinese foreign ministry spokesperson Hua Chunying told reporters at a regular press briefing. "The U.S. shouldn't treat everyone as a spy." Original Article at WSJ As Director of National Intelligence, I am entrusted with access to more intelligence than any member of the U.S. government other than the president. I oversee the intelligence agencies, and my office produces the President’s Daily Brief detailing the threats facing the country. If I could communicate one thing to the American people from this unique vantage point, it is that the People’s Republic of China poses the greatest threat to America today, and the greatest threat to democracy and freedom world-wide since World War II. The intelligence is clear: Beijing intends to dominate the U.S. and the rest of the planet economically, militarily and technologically. Many of China’s major public initiatives and prominent companies offer only a layer of camouflage to the activities of the Chinese Communist Party. I call its approach of economic espionage “rob, replicate and replace.” China robs U.S. companies of their intellectual property, replicates the technology, and then replaces the U.S. firms in the global marketplace. Take Sinovel. In 2018 a federal jury found the Chinese wind-turbine manufacturer guilty of stealing trade secrets from American Superconductor. Penalties were imposed but the damage was done. The theft resulted in the U.S. company losing more than $1 billion in shareholder value and cutting 700 jobs. Today Sinovel sells wind turbines world-wide as if it built a legitimate business through ingenuity and hard work rather than theft. The FBI frequently arrests Chinese nationals for stealing research-and-development secrets. Until the head of Harvard’s Chemistry Department was arrested earlier this year, China was allegedly paying him $50,000 a month as part of a plan to attract top scientists and reward them for stealing information. The professor has pleaded not guilty to making false statements to U.S. authorities. Three scientists were ousted in 2019 from MD Anderson Cancer Center in Houston over concerns about China’s theft of cancer research. The U.S. government estimates that China’s intellectual-property theft costs America as much as $500 billion a year, or between $4,000 and $6,000 per U.S. household. China also steals sensitive U.S. defense technology to fuel President Xi Jinping’s aggressive plan to make China the world’s foremost military power. U.S. intelligence shows that China has even conducted human testing on members of the People’s Liberation Army in hope of developing soldiers with biologically enhanced capabilities. There are no ethical boundaries to Beijing’s pursuit of power. China is also developing world-class capabilities in emerging technologies. Its intelligence services use their access to tech firms such as Huawei to enable malicious activities, including the introduction of vulnerabilities into software and equipment. Huawei and other Chinese firms deny this, but China’s efforts to dominate 5G telecommunications will only increase Beijing’s opportunities to collect intelligence, disrupt communications and threaten user privacy world-wide. I have personally told U.S. allies that using such Chinese-owned technology will severely limit America’s ability to share vital intelligence with them. China already suppresses U.S. web content that threatens the Communist Party’s ideological control, and it is developing offensive cyber capabilities against the U.S. homeland. This year China engaged in a massive influence campaign that included targeting several dozen members of Congress and congressional aides. Consider this scenario: A Chinese-owned manufacturing facility in the U.S. employs several thousand Americans. One day, the plant’s union leader is approached by a representative of the Chinese firm. The businessman explains that the local congresswoman is taking a hard-line position on legislation that runs counter to Beijing’s interests—even though it has nothing to do with the industry the company is involved in—and says the union leader must urge her to shift positions or the plant and all its jobs will soon be gone. The union leader contacts his congresswoman and indicates that his members won’t support her re-election without a change in position. He tells himself he’s protecting his members, but in that moment he’s doing China’s bidding, and the congresswoman is being influenced by China, whether she realizes it or not. Our intelligence shows that Beijing regularly directs this type of influence operation in the U.S. I briefed the House and Senate Intelligence committees that China is targeting members of Congress with six times the frequency of Russia and 12 times the frequency of Iran. To address these threats and more, I have shifted resources inside the $85 billion annual intelligence budget to increase the focus on China. This shift must continue to ensure U.S. intelligence has the resources it needs to give policy makers unvarnished insights into China’s intentions and activities. Within intelligence agencies, a healthy debate and shift in thinking is already under way. For the talented intelligence analysts and operators who came up during the Cold War, the Soviet Union and Russia have always been the focus. For others who rose through the ranks at the turn of this century, counterterrorism has been top of mind. But today we must look with clear eyes at the facts in front of us, which make plain that China should be America’s primary national security focus going forward. Other nations must understand this is true for them as well. The world is being presented a choice between two wholly incompatible ideologies. China’s leaders seek to subordinate the rights of the individual to the will of the Communist Party. They exert government control over companies and subvert the privacy and freedom of their citizens with an authoritarian surveillance state. We shouldn’t assume that Beijing’s efforts to drag the world back into the dark will fail just because the forces of good have triumphed before in modern times. China believes that a global order without it at the top is a historical aberration. It aims to change that and reverse the spread of liberty around the world. Beijing is preparing for an open-ended period of confrontation with the U.S. Washington should also be prepared. Leaders must work across partisan divides to understand the threat, speak about it openly, and take action to address it. This is our once-in-a-generation challenge. Americans have always risen to the moment, from defeating the scourge of fascism to bringing down the Iron Curtain. This generation will be judged by its response to China’s effort to reshape the world in its own image and replace America as the dominant superpower. The intelligence is clear. Our response must be as well Original article at ThreatPost.com
In a recent cyberattack against an E.U. country’s Ministry of Foreign Affairs, the Crutch backdoor leveraged Dropbox to exfiltrate sensitive documents. Original article at University World News
Against a backdrop of growing hostility between China and the United States, Japan is beefing up measures to protect university scientific research from foreign espionage. Experts say this also reflects Tokyo’s geopolitical interests in line with the US-Japan security partnership signed in 1960. A news report by Japan’s Kyodo News agency on 30 November indicated 45 national, private and public universities in Japan had agreements on academic or student exchange programmes with seven universities in China which have ties to China’s People’s Liberation Army (PLA) and may involve technology relating to military use. Some of the universities in China are on the US embargo list such as Beihang University (formerly Beijing University of Aeronautics and Astronautics) in Beijing, Harbin Engineering University and Harbin Institute of Technology. |
Cyber-CyI find interesting articles on the web that are simple, down-to-earth, easy to understand, and (hopefully) informative for non-technical readers. Archives
November 2022
Categories |