Cybersecurity & Espionage Articles
https://darknetdiaries.com/transcript/119/
Well, according to the FBI, this was the work of the Lazarus Group, who – believed to be working on behalf of the North Korean government. These are North Korean state hackers who are going around the world and in a lot of cases, trying to get their hands on as much cash, as much foreign currency, certainly, as possible so they can transfer it back either to North Korea directly or for the use of North Korea in other foreign countries. So, these are the kind of jigsaw pieces that the FBI’s starting to put together.
https://www.washingtonpost.com/world/2022/10/28/china-politburo-xi-jinping-policy/
The meeting cemented Xi’s role in setting the policy agenda. His former rivals, Li Keqiang and a onetime would-be successor, were both pushed out, indicating that alternative political networks had been erased. And most of the 13 individuals promoted to join the 24-member Politburo not only have strong personal ties to Xi but technical expertise or experience relevant to his policy priorities of advanced technologies, security and military power. Five — Ma Xingrui, Zhang Guoqing, Li Ganjie, Liu Guo Zhong and Yuan Jiajun — have worked in the state-run military-industrial complex responsible for China rapidly gaining on the United States in space flight and for the People’s Liberation Army’s expanding arsenal of conventional and nuclear missiles.
https://www.americanprogress.org/article/the-expanding-international-reach-of-chinas-police/
China’s Ministry of Public Security has expanded its global activities, increasingly threatening U.S. interests and influencing security sector governance around the world.
https://www.embroker.com/blog/employee-theft-statistics/
Is your company a den of thieves? Shockingly, 75% of employees admit to stealing at least once from their employer. Whether it’s a result of entitlement or just general dishonesty, employee theft comes in many forms and at varying degrees. Everything from scrolling social media during a meeting to sharing confidential documents with an outside source can be considered workplace theft. While some cases are more serious than others, if you’re leading a company, it’s important to stay up to date on what’s what (legally). Because internal theft can have a major impact on your bottom line — alone, it’s estimated to cost U.S. businesses up to $50 billion a year. From fraud cases to data security incidents, we cover the common types backed by statistics and trends for 2022 and beyond.
https://www.csis.org/events/book-event-spies-and-lies-how-chinas-greatest-covert-operations-fooled-world?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axioschina&stream=china
In his new book Spies and Lies: How China's Greatest Covert Operations Fooled the World, Alex Joske, Senior Analyst at Australian Strategic Policy Institute, examines how China's Ministry of State Security has spent decades shaping foreign attitudes toward China's rise. Their efforts have targeted policymakers, diplomats, retired officials, scholars, media organizations, and religious leaders around the world. This book draws on Australia's experience countering foreign interference to assess why governments failed to recognize the nature of China's rise and its influence operations earlier.
https://www.bloomberg.com/news/features/2022-09-15/china-wanted-ge-s-secrets-but-then-their-spy-got-caught
In January 2014, Arthur Gau, an aerospace engineer who was nearing retirement age, received an unexpected email from a long-lost acquaintance in China. Years before, Gau had made a series of trips from his home in Phoenix to speak at the Nanjing University of Aeronautics and Astronautics, or NUAA, one of China’s most prestigious research institutions. The original invitation had come from the head of a lab there studying helicopter design. Increasingly, however, Gau had heard from someone else, a man who worked at the university in a vague administrative capacity. Little Zha, as the man called himself, was the one who made sure Gau never had to pay his own airfare when he came to give talks. When Gau brought his mother on a 2003 visit, Zha arranged and paid for them to take a Yangtze cruise to see the river’s dramatically sculpted middle reaches before they were flooded by the Three Gorges Dam.
https://www.nytimes.com/2022/09/14/opinion/international-world/china-espionage.html
In my three-decade career with Britain’s Secret Intelligence Service, China was never seen as a major threat. If we lost sleep at night, it was over more immediate challenges such as Soviet expansionism and transnational terrorism. China’s halting emergence from the chaotic Mao Zedong era and its international isolation after Chinese soldiers crushed pro-democracy demonstrations at Tiananmen Square in 1989 made it seem like an insular backwater. It’s a different picture today. China has acquired global economic and diplomatic influence, enabling covert operations that extend well beyond traditional intelligence gathering, are growing in scale and threaten to overwhelm Western security agencies. The U.S. and British intelligence chiefs — the F.B.I. director, Christopher Wray, and the MI5 director general, Ken McCallum — signaled rising concern over this with an unprecedented joint news conference in July to warn of, as Mr. Wray put it, a “breathtaking” Chinese effort to steal technology and economic intelligence and to influence foreign politics in Beijing’s favor. The pace was quickening, they said, with the number of MI5 investigations into suspected Chinese activity having increased sevenfold since 2018.
https://www.reuters.com/legal/twitter-whistleblower-detail-dire-security-threats-ahead-musk-deal-vote-2022-09-13/
The FBI informed Twitter Inc (TWTR.N) of at least one Chinese agent working at the company, U.S. Senator Chuck Grassley said during a Senate hearing on Tuesday where a whistleblower testified, raising new concerns about foreign meddling at the influential social media platform. Peiter "Mudge" Zatko, a famed hacker who served as Twitter's head of security until his firing in January, said some Twitter employees were concerned the Chinese government would be able to collect data on the company's users. Twitter has come under fire previously for lax security, most notably in 2020 when teenage hackers seized control of dozens of high-profile accounts, including the verified profile of former U.S. President Barack Obama. On Tuesday, Zatko's testimony before the Senate Judiciary Committee revealed Twitter's security issues could be far more serious, alleging for the first time that the company was informed of agents of the Chinese government working at the social media firm.
https://www.technologyreview.com/2022/09/07/1059067/chinese-spacex-engineers-linkedin-scam/
If you were just looking at his LinkedIn page, you’d certainly think Mai Linzheng was a top-notch engineer. With a bachelor’s degree from Tsinghua, China’s top university, and a master’s degree in semiconductor manufacturing from UCLA, Mai began his career at Intel and KBR, a space tech company, before ending up at SpaceX in 2013. Having spent the past eight years and nine months working in the human race to space, he’s now a senior technician. Except all is not as it seems. Upon closer inspection, there are plenty of red flags: Despite having been in the US for 18 years, Mai has written all his job titles, degrees, and company locations in Chinese. His bachelor's degree is in business management, even though his alma mater, Tsinghua, only offers that degree to student athletes, and Mai was not one. Besides, the man in his profile photo looks younger than Mai’s stated age. The image, as it turns out, was stolen from Korean influencer Yang In-mo's Instagram. In fact, none of the information on this page is true. The profile of “Mai Linzheng” is actually one of the millions of fraudulent pages set up on LinkedIn to lure users into scams, often involving cryptocurrency investments and targeting people of Chinese descent all over the world. Scammers like Mai claim affiliation with prestigious schools and companies to boost their credibility before connecting with other users, building a relationship, and laying a financial trap.
https://www.washingtonpost.com/technology/interactive/2022/twitter-whistleblower-sec-spam/?itid=hp-top-table-main
Twitter executives deceived federal regulators and the company’s own board of directors about “extreme, egregious deficiencies” in its defenses against hackers, as well as its meager efforts to fight spam, according to an explosive whistleblower complaint from its former security chief. The complaint from former head of security Peiter Zatko, a widely admired hacker known as “Mudge,” depicts Twitter as a chaotic and rudderless company beset by infighting, unable to properly protect its 238 million daily users including government agencies, heads of state and other influential public figures. Among the most serious accusations in the complaint, a copy of which was obtained by The Washington Post, is that Twitter violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid security plan. Zatko’s complaint alleges he had warned colleagues that half the company’s servers were running out-of-date and vulnerable software and that executives withheld dire facts about the number of breaches and lack of protection for user data, instead presenting directors with rosy charts measuring unimportant changes. The complaint — filed last month with the Securities and Exchange Commission and the Department of Justice, as well as the FTC — says thousands of employees still had wide-ranging and poorly tracked internal access to core company software, a situation that for years had led to embarrassing hacks, including the commandeering of accounts held by such high-profile users as Elon Musk and former presidents Barack Obama and Donald Trump.
https://www.cnn.com/2022/08/23/tech/twitter-whistleblower-peiter-zatko-security/index.html
Twitter has major security problems that pose a threat to its own users’ personal information, to company shareholders, to national security, and to democracy, according to an explosive whistleblower disclosure obtained exclusively by CNN and The Washington Post. The disclosure, sent last month to Congress and federal agencies, paints a picture of a chaotic and reckless environment at a mismanaged company that allows too many of its staff access to the platform’s central controls and most sensitive information without adequate oversight. It also alleges that some of the company’s senior-most executives have been trying to cover up Twitter’s serious vulnerabilities, and that one or more current employees may be working for a foreign intelligence service.
https://www.forbes.com/sites/emilybaker-white/2022/08/10/bytedance-tiktok-china-state-media-propaganda/?sh=509ce67f322f
Three hundred current employees at TikTok and its parent company ByteDance previously worked for Chinese state media publications, according to public employee LinkedIn profiles reviewed by Forbes. Twenty-three of these profiles appear to have been created by current ByteDance directors, who manage departments overseeing content partnerships, public affairs, corporate social responsibility and “media cooperation.” Fifteen indicate that current ByteDance employees are also concurrently employed by Chinese state media entities, including Xinhua News Agency, China Radio International and China Central / China Global Television. (These organizations were among those designated by the State Department as “foreign government functionaries” in 2020.) Fifty of the profiles represent employees that work for or on TikTok, including a content strategy manager who was formerly a Chief Correspondent for Xinhua News. The LinkedIn profiles reviewed by Forbes reveal significant connections between TikTok’s parent company, ByteDance, and the propaganda arm of the Chinese government, which has been investing heavily in using social media to amplify disinformation that serves the Chinese Communist Party. Chinese state media outlets have a large presence on platforms like Facebook, Instagram, and Twitter, but so far, they have been relatively quiet on TikTok. Unlike the other major platforms, however, TikTok does not currently label accounts controlled by Chinese state media. In March, TikTok announced a plan to label “some” state media entities, but a Forbes review of China’s largest state media entities on the platform, including China News Service, Xinhua News Service, CGTN and the Global Times, found no added context or labels indicating the accounts’ state control. (Disclosure: In a previous life, I held policy positions at Facebook and Spotify.)
https://www.economist.com/china/2022/06/01/chinas-spies-are-not-always-as-good-as-advertised
In recent years Western officials have maintained a steady drumbeat of warnings about Chinese spies. In short, the spooks are getting bolder and better. Among other things, they’re accused of hacking into Microsoft’s Exchange email service, stealing Western defence and commercial secrets, harassing Chinese dissidents overseas and bugging the headquarters of the African Union (all of which China denies). Yet, when confronted by overwhelming evidence that Russia was about to invade Ukraine, China’s spies appear to have dropped the ball.
https://therecord.media/north-korean-it-workers-fbi-state-treasury-warning/
Companies that hire freelance IT teleworkers could inadvertently be employing North Koreans who have been dispatched to generate revenue for the country’s authoritarian regime or gain access to corporate networks, the U.S. government said Monday. The workers “take advantage of existing demands for specific IT skills, such as software and mobile application development,” according to the alert from the FBI, the Treasury Department and the State Department. In many cases, they used forged documents or stolen identities to “represent themselves as U.S.-based and/or non-North Korean teleworkers.” The IT workers might not engage in any malicious cyber-activity while doing their jobs, but “they have used the privileged access gained as contractors to enable [North Korea’s] malicious cyber intrusions,” the alert said.
https://home.treasury.gov/system/files/126/20220516_dprk_it_worker_advisory.pdf
The U.S. Department of State, the U.S. Department of the Treasury, and the Federal Bureau of Investigation (FBI) are issuing this advisory for the international community, the private sector, and the public to warn of attempts by Democratic People’s Republic of Korea (DPRK, a.k.a. North Korea) information technology (IT) workers to obtain employment while posing as non-North Korean nationals. There are reputational risks and the potential for legal consequences, including sanctions designation under U.S. and United Nations (UN) authorities, for individuals and entities engaged in or supporting DPRK IT worker-related activity and processing related financial transactions. The DPRK dispatches thousands of highly skilled IT workers around the world to generate revenue that contributes to its weapons of mass destruction (WMD) and ballistic missile programs, in violation of U.S. and UN sanctions. These IT workers take advantage of existing demands for specific IT skills, such as software and mobile application development, to obtain freelance employment contracts from clients around the world, including in North America, Europe, and East Asia. In many cases, DPRK IT workers represent themselves as U.S.-based and/or non-North Korean teleworkers. The workers may further obfuscate their identities and/or location by sub-contracting work to non-North Koreans. Although DPRK IT workers normally engage in IT work distinct from malicious cyber activity, they have used the privileged access gained as contractors to enable the DPRK’s malicious cyber intrusions. Additionally, there are likely instances where workers are subjected to forced labor.
https://www.washingtonpost.com/national-security/2022/02/01/china-funding-drones-dji-us-regulators/
Chinese drone maker DJI, a leading supplier of drones to U.S. law enforcement, obscured its Chinese government funding while claiming that Beijing had not invested in the firm, according to a Washington Post review of company reports and articles posted on the sites of state-owned and -controlled investors, as well as analysis by IPVM, a video surveillance research group.
https://www.fbi.gov/news/speeches/countering-threats-posed-by-the-chinese-government-inside-the-us-wray-013122
Today, we in the United States and the Western world find ourselves in a very different struggle against another global adversary—the Chinese Communist Party. Now, there are some surface-level similarities between the threat posed by the Chinese government and the historical threat of the Soviet Union: The Chinese government also rejects the fundamental freedoms, basic human rights, and democratic norms we value as Americans.
https://www.axios.com/newsletters/axios-china-eef77137-5aac-4c8b-82f0-a0174adc8759.html?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axioschina&stream=china
The tide of public opinion may be turning against the Justice Department's China Initiative, as more cases fall apart and more of the researchers charged are speaking out.
The big picture: Chinese government-linked economic and industrial espionage in the United States is a real concern, but the China Initiative's flaws may be overshadowing the problem it was intended to address.
https://www-spectator-co-uk.cdn.ampproject.org/c/s/www.spectator.co.uk/article/how-china-spies-on-the-west/amp
It is hard to say what was the most shocking part of the incident. The audacity of a company with close links to the Chinese Communist Party, which is barred from Britain’s 5G telecoms networks on security grounds? Or the apparent indifference of Oxford University? But it is just one example of the brazen way in which entities linked to the CCP are able to trawl for information and technology in Britain, with few questions asked. .... In one operation I was told about while researching a book on Chinese surveillance, hackers penetrated a US oil company by infecting the online menu of a local Chinese restaurant where systems engineers ordered their takeaways. When the engineers clicked on General Tso’s chicken, they got a lot more than sweet crispy meat.
https://www.wsj.com/articles/official-beijing-2022-olympics-mobile-app-is-marred-by-security-flaws-researchers-say-11642511957
Athletes, officials, media and other participants in the Games all will be required to download My 2022 and use it to upload their travel plans, passport details, and health information such as body temperature, respiratory symptoms and medications each day for two weeks before arriving in China. Users are required to continue using the app to upload information about their health condition during the Games.
Cyber-Cy
I find interesting articles on the web that are simple, down-to-earth, easy to understand, and (hopefully) informative for non-technical readers.