Chinese hackers cast wide net for trade secrets across US, Europe and Asia, researchers say


Hackers linked to the Chinese government have tried to steal sensitive data from some three dozen manufacturing and technology companies in the US, Europe and Asia, security researchers said Wednesday, in findings that shed new light on Beijing’s alleged use of hacking to prop up its mighty economy.

The hackers targeted blueprints to produce materials with wide applications in the pharmaceutical and aerospace sectors, according to the Boston-based security firm Cybereason. The firm discovered the activity last year, but said the hacking campaign dates back to at least 2019, and suggested a large amount of data could have been stolen in the meantime.

The investigation is a disturbing reminder of the scope of the cyber threats facing US businesses and government agencies as the Biden administration seeks to thwart them. Despite all the attention on possible Russian hacking due to the war in Ukraine, China’s digital operatives have been very active.

“It is clearly industrial espionage, IP [intellectual property] theft at the highest level,” Assaf Dahan, Cybereason’s research lead, told CNN.

When asked to respond to the Cybereason report, Liu Pengyu, a spokesman for the Chinese Embassy in Washington, stated that China “will never encourage, support or tolerate cyberattacks.”

“China opposes speculation and baseless accusations on the issue of hacking attacks,” Liu added. “If the company really cares [sic] on global cyber security, they should pay more attention to cyber attacks by US government-sponsored hackers in China and other countries.”

Cybersecurity researchers and US officials have for years accused Chinese military and espionage agencies of hacking and stealing trade secrets.

China “has a massive and sophisticated cyber-theft program,” FBI Deputy Director Paul Abbate alleged in a speech last week to the American Hospital Association, “and carries out more cyber-intrusions than any other nation in the world.”

The FBI declined to comment on the Cybereason report.

US officials and cyber intelligence analysts point to China’s “Made in 2025” plan, an ambitious state plan to achieve economic dominance, as a rubric for the types of companies whose data has been targeted by Chinese hackers.

The plan, published in 2015, calls for manufacturing advances in the aerospace and biomedical fields, among several others. In the years since then, the Justice Department has unsealed indictments accusing Chinese hackers of targeting those very sectors.

Chinese President Xi Jinping and then-US President Barack Obama agreed in 2015 that neither government would “knowingly engage in or support cyber theft of intellectual property.”

Some analysts noted a temporary drop in Chinese hacking activity shortly after the deal. But Adam Meyers, senior vice president of intelligence at cybersecurity firm CrowdStrike, suspects any lull in Chinese economic espionage at the time may have been due to Xi’s restructuring of the People’s Liberation Army.

“In that time period, in 2016, we started to see a major shift in Chinese intrusion operations towards groups that are now associated with the Ministry of State Security,” Meyers told CNN, referring to China’s civilian intelligence agency.

China’s global cyber espionage campaigns have increasingly targeted large repositories of valuable data, such as telecommunications and Internet service providers, rather than individual organizations, Meyers said.

“I think they’ve really upped their game in terms of going after broader infrastructure, so it’s more difficult to really identify that they were doing economic espionage,” Meyers said.

In the hack that Cybereason investigated, company executives said they first noticed the activity when the attackers breached an Asian subsidiary of a large manufacturing and technology company.

But it would take months to successfully kick the hackers out of the network, showing how determined they were in their mission, according to Cybereason.
