How China Transformed Into a Prime Cyber Threat to the U.S.
Over the past decade, China reorganized its hacking operations, turning into a sophisticated and mature adversary.
By Nicole Perlroth
Nearly a decade ago, the United States began naming and shaming China for an onslaught of online espionage, the bulk of it conducted using low-level phishing emails against American companies for intellectual property theft.
On Monday, the United States once again accused China of cyberattacks. But these attacks were highly aggressive, and they reveal that China has transformed into a far more sophisticated and mature digital adversary than the one that flummoxed U.S. officials a decade ago.
The Biden administration’s indictment for the cyberattacks, along with interviews with dozens of current and former American officials, shows that China has reorganized its hacking operations in the intervening years. While it once conducted relatively unsophisticated hacks of foreign companies, think tanks and government agencies, China is now perpetrating stealthy, decentralized digital assaults of American companies and interests around the world.
Hacks that were conducted via sloppily worded spearphishing emails by units of the People’s Liberation Army are now carried out by an elite satellite network of contractors at front companies and universities that work at the direction of China’s Ministry of State Security, according to U.S. officials and the indictment.
While phishing attacks remain, the espionage campaigns have gone underground and employ sophisticated techniques. Those include exploiting “zero-days,” or unknown security holes in widely used software like Microsoft’s Exchange email service and Pulse VPN security devices, which are harder to defend against and allow China’s hackers to operate undetected for longer periods of time.
“What we’ve seen over the past two or three years is an upleveling” by China, said George Kurtz, the chief executive of the cybersecurity firm CrowdStrike. “They operate more like a professional intelligence service than the smash-and-grab operators we saw in the past.”
China has long been one of the biggest digital threats to the United States. In a 2009 classified National Intelligence Estimate, a document that represents the consensus of all 16 U.S. intelligence agencies, China and Russia topped the list of America’s online adversaries. But China was deemed the more immediate threat because of the volume of its industrial trade theft.
Source: Read Full Article