The Obama-era cyber détente with China was nice, wasn't it? Yeah well it's obviously over now

Middle Kingdom is a rising threat once again – research


Infosec pros might have already noticed some familiar IP address ranges in their system logs – China has returned to the cyber-attack arena.

That's the conclusion of threat intel outfit CrowdStrike, which released its midyear threat report this week (downloadable here with free registration). The firm's Falcon OverWatch team said that from January to June, state actors were responsible for 48 per cent of intrusion cases, and China is climbing back up the charts.

CTO and co-founder Dmitri Alperovitch tweeted: "CrowdStrike can now confirm that China is back (after a big drop-off in activity in 2016) to being the predominant nation-state intrusion threat in terms of volume of activity against Western industry. MSS is now their #1 cyber actor."

MSS refers to the Ministry of State Security, which will likely be even more motivated to digitally disrupt the US since a deputy division director was arrested in Belgium in April and extradited to face charges in America.

Alperovitch said that the 2015 Obama-era non-hacking pact had led to a decline in hostile activity, at least at the state level.

Alex Stamos, formerly CSO at Facebook, concurred with Alperovitch: "Most IR professionals I have spoken to believed that there was a real drop in commercially-motivated hacking from the Chinese after the deal."

That was then. The increasing political hostility between China and the US (and countries like Australia which have followed the US's lead) is reflected in the online world, CrowdStrike reckoned. "OverWatch data identifies China as the most prolific nation-state threat actor during the first half of 2018."

Intrusions were attempted against "biotech, defence, mining, pharmaceutical, professional services, transportation, and more", the report claimed.

The "Chinese threat" has been a CrowdStrike theme for some time: in September, Alperovitch made the same point to Fox Business in a TV interview. He said "every major sector of the economy is being targeted" by the Middle Kingdom.

"Primarily they're focused on stealing intellectual property... in order to counteract in part the trade tariffs we're putting into place on them."

By comparison to the rising Chinese attack traffic, the report's other key findings were relatively unremarkable: online crims are turning to crack networks to install cryptocurrency miners, with legal and insurance industries a favourite target; the biotech sector is a favoured target for industrial espionage; and criminal actors who once may have used less sophisticated tools are now adopting "tactics, techniques and procedures" learned from nation-state actors. ®

