Beijing fingers foreign spies for data mischief, with help from consulting firm

Chinese media wonders why it hasn't been reported in the West - hang on, you're reading this ...


China's Ministry of State Security released details this week of three alleged security breaches that saw sensitive data illegally transferred abroad.

State-sponsored Xinhua News Agency described the breaches as "endangering the security of important data" and said by disclosing them, the Ministry sought to build awareness of non-traditional security and, by doing so, better maintain national security.

The announcement, which deliberately coincides with the seventh anniversary of the country's anti-espionage law, described airline data stolen by an overseas intelligence agency, shipping data collected by a consulting firm that provided it to a foreign spy agency, and the construction of weather devices to transfer sensitive meteorological data abroad. It is unclear whether one or more foreign intelligence agencies conducted the alleged attacks, or if the actions were linked.

"Data security is related to national security and public interest, and is an important aspect of non-traditional security," reads a machine translation of the Xinhua piece, which goes on to encourage the public to report suspicious events to authorities.

The Middle Kingdom's anti-espionage law came into effect in 2014 and has been amended since. An April 2021 change imposed new responsibilities on groups and organizations, making it clear the onus is on the public to watch out for, prevent, and report foreign espionage activity.

"The regulations … clarify that agencies, groups, enterprises and institutions and other social organizations have the main responsibility for the unit's anti-espionage security prevention work," stated the official newspaper of the Central Committee of the Chinese Communist Party (CCP), People’s Daily Online.

Chinese journalists Zhixin Wan and Zichen Wang have pointed out that foreign media have all but ignored the attacks.

"Whereas the US and other Western security sources are not infrequent contributors to Western media reports on China, usually detailing what's described as Chinese influence, threats, espionage, or hacking, the same simply can't be said of this side. Also, press content with those intelligence sources is almost always quite prominent in the news," wrote the duo.

Beijing has lately rewritten its rules to prevent data making its way outside of China, with new regulations and a proposal that businesses proposing to transfer data overseas must first undergo national security screening.

Paradoxically, the Middle Kingdom applied this week for entry into the three-country Digital Economy Partnership Agreement (DEPA), a digitally focused trade agreement that would require China to allow free flow of information across its borders.

China's swift march to digitising its economy and government services has created a boom market for security services: analyst firm IDC recently reported revenue won by China's IT security service providers increased by 110 per cent year-on-year in the first half of 2021.

Xinhua did not name the nation(s) alleged to have attacked Chinese organisations. Other nations have no trouble naming China as a source of attacks, as demonstrated when it and Russia were not invited to last month's National Security Council Counter-Ransomware Initiative, a two-day meeting consisting of over 30 countries and the EU. Both countries were name-checked in a pre-event press call as sources of recent cybermalice. ®

Similar topics

Broader topics

Narrower topics


Other stories you might like

  • Ex-Qualcomm Snapdragon chief turns CEO at AI chip startup MemryX

    Meet the new boss

    A former executive leading Qualcomm's Snapdragon computing platforms has departed the company to become CEO at an AI chip startup.

    Keith Kressin will lead product commercialization for MemryX, which was founded in 2019 and makes memory-intensive AI chiplets.

    The company is now out of stealth mode and will soon commercially ship its AI chips to non-tech customers. The company was testing early generations of its chips with industries including auto and robotics.

    Continue reading
  • Aircraft can't land safely due to interference with upcoming 5G C-band broadband service

    Expect flight delays and diversions, US Federal Aviation Administation warns

    The new 5G C-band wireless broadband service expected to rollout on 5 January 2022 in the US will disrupt local radio signals and make it difficult for airplanes to land safely in harsh weather conditions, according to the Federal Aviation Administration.

    Pilots rely on radio altimeter readings to figure out when and where an aircraft should carry out a series of operations to prepare for touchdown. But the upcoming 5G C-band service beaming from cell towers threatens to interfere with these signals, the FAA warned in two reports.

    Flights may have to be delayed or restricted at certain airports as the new broadband service comes into effect next year. The change could affect some 6,834 airplanes and 1,828 helicopters. The cost to operators is expected to be $580,890.

    Continue reading
  • Canadian charged with running ransomware attack on US state of Alaska

    Cross-border op nabbed our man, boast cops and prosecutors

    A Canadian man is accused of masterminding ransomware attacks that caused "damage" to systems belonging to the US state of Alaska.

    A federal indictment against Matthew Philbert, 31, of Ottawa, was unsealed yesterday, and he was also concurrently charged by the Canadian authorities with a number of other criminal offences at the same time. US prosecutors [PDF] claimed he carried out "cyber related offences" – including a specific 2018 attack on a computer in Alaska.

    The Canadian Broadcasting Corporation reported that Philbert was charged after a 23 month investigation "that also involved the [Royal Canadian Mounted Police, federal enforcers], the FBI and Europol."

    Continue reading

Biting the hand that feeds IT © 1998–2021