Mustang Panda is a Chinese hacking group suspected of trying to break into the Indonesian government last month.
The reported violations denied by the Indonesians fit into the pattern of China’s recent cyber espionage campaign. According to experts, these attacks have increased over the past year in search of social, economic and political information from Asian countries and other countries around the world.
In an interview with VOA, Ben Reed, director of cyberspy analysis at cybersecurity firm Mandiant, said it was “on the rise.” He said the cyber operation, which originated in China, was “a fairly large campaign that seemed completely unrestrained.”
“Large and indiscriminate”
For years, Josephine Wolff, an associate professor of cybersecurity policy at Tufts University, has seen China as a major cyber enemy in the United States, coordinating teams inside and outside the government to “massive and indiscriminate.” He said he had run a cyber espionage campaign. VOA.
The 2014-15 hack into the US Human Resources Department, which endangered the personnel records of 22 million federal workers, was a good example, “a big deal,” she said.
After the 2015 cybersecurity agreement between then-US President Barack Obama and Chinese President Xi Jinping, attacks from China have diminished, at least to the West, according to experts.
Rhetoric ascending hack
However, as tensions between Beijing and Washington increased during President Trump’s time, so did China’s cyber espionage. Over the past year, experts have attributed notable hacks in the United States, Europe and Asia to China’s National Security Ministry, which has led Beijing’s cyber-spionage and strengthened PLA efforts.
According to The Record, China’s state-owned hacking team focused on the Indian subcontinent, TAG-28, has invaded targets, including the Indian government agency responsible for a database of more than a billion biometrics and digital identity information. It is reported that it was done. A media site focused on cyber security.
A Microsoft report released in October accused Chinese hacking group Chromium of targeting universities in Hong Kong and Taiwan and tracking governments and telecommunications providers in other countries.
According to Microsoft and the Biden administration, Hafnium, the name Microsoft gave to the Chinese hacking group, was behind the hacking of the Microsoft Exchange earlier this year. Microsoft reports that the Chinese hacking team has taken advantage of software weaknesses to gain what they can do before an emergency patch is issued.
Scoop up data
According to a National Public Radio study, the Microsoft Exchange hack could have been an information scoop aimed at retrieving large amounts of data to train artificial intelligence assets in China.
Hafnium also targets higher education, defense industry companies, think tanks, law firms and non-governmental organizations, according to a Microsoft report. According to Microsoft, another group in China, Nickel (also known as APT15 and Vixen Panda), is targeting governments in Latin America and Europe.
“What you’re seeing now is this perception that China’s espionage isn’t going away, it’s becoming more technically sophisticated,” Wolff said.
White House response
The Biden administration has stepped up its response to hacking in China. During the summer, the United States and its allies (including the European Union, NATO, and the United Kingdom) accused China of being behind Microsoft’s hack and called on Beijing to suspend operations.
The Biden administration has not prosecuted anyone involved in Microsoft Exchange hacking or has taken any economic or other sanctions against China.
However, in July, the United States launched four members of China’s National Security Ministry in another attack carried out by a group that security researchers call Advanced Persistent Threat (APT) 40, Bronze, Mohawk, and others. I have opened a complaint against.
A Chinese government spokesman demanded that the United States withdraw the indictment, denying the country behind the hacking of Microsoft Exchange.
“The United States has worked with its allies to unfairly blame China’s cybersecurity,” Zhao Lijian, a spokesman for the Chinese Foreign Ministry, said in a statement in July. “It is made up of thin air and confuses good and evil. It is purely politically motivated smears and oppression.”
China has stepped up its use of hacking, but it’s no more than some cyber experts say it’s a glorious line of cyber spying. Public and obvious hacks such as Russia’s information leak campaign affecting the 2016 US presidential election, and May colonial pipeline ransomware hacks. This was due to a Russian-based cyber criminal.
China’s goals are long-term and appear to be economical and strategic. For example, strengthening China’s capabilities “will not only be well protected, but will exceed its capabilities,” Philip Reiner, chief executive officer of the Security Technology Institute, told VOA.
He said the collective push from world leaders that cyber espionage is unacceptable may resonate with Beijing’s Chinese leaders who want to be accepted on the world stage. He said it was also important to detail the clear consequences of state-sponsored hacking.
Without strong push from the United States and its allies, Chinese country-sponsored cyberattacks will continue, experts say.
Source link China’s cyber operations scoop up data for political and economic purposes