16:29 GMT+3, 21 March 2019

    Chinese Government Linked to Decade of Political, Tech Hack Attacks - Report


    Chinese state hacking efforts could be more substantial than previously believed, according to the private security firm ProtectWise, whose 401TRG (Threat Assessment Group) claims to have linked a decade of hacking attacks to China.

    "We assess with high confidence that multiple publicly reported threat actors operate with some shared goals and resources as part of the Chinese state intelligence apparatus," reads a key judgement in the 401TRG's report. Attacks carried out by hacking groups Winnti, PassCV, APT17, Axiom, LEAD, BARIUM, Wicked Panda and GREF are alleged to be under the "Winnti umbrella," and perceived shared goals and hacking methods are said to link the Winnti umbrella to China's state intelligence apparatus.

    In rare cases, network intrusions were traced back to a district in Beijing, which researchers say is a slip-up. Shared methods include the practice of using a previously hacked network to launch new offensives. 

    "Though the TTPs (Tactics, Techniques and Procedures) of the attacking teams vary depending on the operation, their use of overlapping resources presents a common actor profile," the report says.

    "Key interests during attacks often include the theft of code-signing certificates, source code and internal technology documentation. They also may attempt to manipulate virtual economies for financial gain," the report says, adding that the financial objective of the hackers is unconfirmed and secondary to political aims.

    Despite allegedly being an arm of the People's Republic of China, the report says "the financial secondary objective [of the Winnti umbrella] may be related to personal interests of the individuals behind the attacks." 

    The decade of hacks examined in the report includes initial targets in the US, Japan, South Korea and China, which were gaming studios and technology businesses. However, "the broader organization's main targets are political," according to 401TRG. "Historically, this has included Tibetan and Chinese journalists, Uyghur and Tibetan activists, the government of Thailand and prominent international technology organizations," the group said.

