Computer code on the screen of the Chinese flag (Reuters/Thomas White/Illustration)

Chinese hacking tools made public in recent days demonstrate how far Beijing has expanded the reach of its cyber intrusion campaigns by using contractors’ networks, as well as the vulnerabilities of its emerging systems.

You may be interested in: China tries to dominate the field of artificial intelligence but remains dependent on American technology

The new revelations underline the extent to which China has ignored or avoided US efforts for more than a decade to curb its widespread hacking campaigns. instead, China has built up the cyber operations of its intelligence services and developed a network of independent companies to do the work.

Last weekend in Munich, christopher a rayFBI director said hacking operations from China are now directed against the United States “A much larger scale than we’ve seen before.”, And at a recent congressional hearing, Wray said that China’s hacking program is “larger than all the major countries combined.”

You may be interested in: Blinken addressed his concerns about “China’s increasingly defiant actions” with Japan and South Korea

“In fact, if you took every FBI cyber agent and intelligence analyst and focused them exclusively on the China threat, China’s hackers would still outnumber the FBI. “Cyberpersonal at least 50 to one”Said.

US officials said China quickly gained numerical advantage through contracts with such companies I soonWhose documents and hacking tools were stolen and put online last week.

You may be interested in: The “Biden-economy” is working great

The documents revealed that I-Sun’s extensive activities included targets South Korea, Taiwan, Hong Kong, Malaysia, India And other places.

But the documents also revealed that I-Sun was facing financial difficulties and used ransomware attacks to raise money when the Chinese government cut funding.

A Chinese official in front of a computer

US officials say this reflects a serious weakness in the Chinese system. China’s economic problems and rampant corruption often mean that money paid to contractors is misused. Lacking cash, contractors have increased their illegal activities, using hacking and ransomware for hire, making them targets of retaliation and exposing them to other problems.

The US government and private cybersecurity companies have long monitored Chinese espionage and malware threats aimed at stealing information, which have become almost routine, experts say. More worryingly, however, is that Chinese cyber-hacking efforts put critical infrastructure at risk.

intrusion, call volt storm The name of a Chinese network of hackers that has penetrated critical infrastructure has set off alarms throughout the United States government. Unlike the i-Soon hacks, those operations avoided using malware and instead used stolen credentials to covertly access critical networks.

Intelligence officials believe the intrusion was intended to send a message: that China could disrupt power and water supplies, or communications, at any time. Some operations have been found near US military bases that rely on civilian infrastructure, particularly bases that would be involved in a rapid response to any attack on Taiwan.

But still China poured resources into this effort volt storm, Their work on more routine malware efforts continues. China used its intelligence services and their associated contractors to expand its espionage activities.

I-Sun has a more direct relationship Chinese Ministry of Public Security, which traditionally focuses on domestic political threats, not international espionage. But the documents also show he has ties to the Ministry of State Security, which collects intelligence both inside and outside China.

john condrathreat intelligence analyst recorded futureA security company said the iSun has also been linked to Chinese state-sponsored cyber threats.

“This represents the largest data breach involving a company suspected of providing cyber espionage and intrusion services targeting Chinese security services.”Condra said. “Leaked materials indicate that I-Sun is likely a private contractor working on behalf of Chinese intelligence services.”

Chinese President Xi Jinping. Reuters/Thomas Peter/file photo

United States efforts to curb Chinese hacking date back to the Obama administration, when it was revealed that the People’s Liberation Army’s Unit 61398, the Chinese military, was behind intrusions into a wide swath of American industry, which Was trying to steal secrets for the Chinese. Competitive. To China’s outrage, PLA agents were convicted in the United States and their photographs were placed on Justice Department “wanted” posters. No one was ever tried.

China then found itself implicated in one of the U.S. government’s most audacious data thefts: It stole more than 22 million security clearance files from the Office of Personnel Management. Their hackers remained undetected for over a year, and the information they obtained gave them a deeper understanding of who works and what they do within the US government and what financial, health or relationship problems they may have. Have to face. In the end, the CIA had to recall officers who were about to enter China.

The result was a 2015 agreement between President Xi Jinping and president Barack Obama The announcement was made with fanfare in the White House Rose Garden aimed at curbing computer hacking.

But within two years, China had begun to develop a network of hacking contractors, a strategy that gave its security agencies some degree of denial.

In an interview last year, Ray said that China had increased its espionage resources so much that it no longer had to “cherry-pick” its targets.

“They’re chasing everything,” he said.

© The New York Times 2024