Chinese State Sponsored Actors Aggressively Target Sensitive Data of US and Allies: Report
Update: Jul 19, 2021 7:55 PM STI
Washington [US], July 19 (ANI): A new advisory issued by U.S. security agencies has uncovered a major threat to cyberspace assets of the United States and its allies from Chinese state-sponsored cyber activities.
A Joint Cyber Security Advisory (CSA) released on Monday says state-backed cyber actors are aggressively targeting political, economic, military, educational and critical (CI) infrastructure to steal sensitive data and key emerging technologies, the intellectual property and personally identifiable information. (PII).
An unprecedented group of US allies and partners, including the EU, UK, Australia, Canada, New Zealand, Japan and NATO, have joined in denouncing and criticizing cyber activities malicious acts of the Chinese Ministry of State Security. This is the first time that NATO has condemned China’s cyber activities.
The joint opinion sets out how some cyber actors are targeting sectors such as managed service providers, semiconductor companies, the defense industrial base (DIB), universities and medical institutions. These cyber operations support China’s long-term economic and military development goals, according to the advisory.
The advisory, titled Chinese State-Sponsored Cyber Operations: Observed TTPs, provides information on nearly 50 tactics, techniques, and procedures (TTPs) used by Chinese state-sponsored cyber actors when targeting U.S. networks and allies.
The new advisory builds on previous reports from the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) to notify all government and private organizations of persistent methods through to collaborative analysis.
Some of the notable malicious trends identified by US security agencies include the acquisition of infrastructure and capability; exploitation of public vulnerabilities; and the use of “encrypted multi-hop proxy”.
Regarding development, Chinese state-backed cyber actors were assessed to perform reconnaissance on widely used Microsoft® 365 (M365), with the aim of gaining more information about the networks.
“These scans can be automated, via Python® scripts, to locate certain files, paths or vulnerabilities. Cyber actors can gain valuable information about the victim network, such as allocated resources, an organization’s fully qualified domain name, the IP address space, and open ports to target or exploit, ”said the notice.
Ahead of the publication of the notice, a senior US administration official said on Monday that the United States has long been concerned about the People’s Republic of China’s irresponsible and destabilizing behavior in cyberspace.
“Ministry of State Security – uses criminal hackers to conduct unauthorized cyber operations around the world, including for their own personal gain. financial gain. “
The revelation follows a joint statement released by the Group of Seven (G7) nation in June, in which they highlighted threats to freedom and democracy resulting from the manipulation of information, including disinformation, and cyber attacks.
“From the G7 and EU commitments on ransomware to the adoption by NATO of a new cyber defense policy for the first time in seven years, we are proposing a common cyber approach with our allies and setting clear expectations on the way responsible nations behave in cyberspace. “said a senior official in the US administration. (ANI)