A U.S.-Israeli cybersecurity firm has exposed a massive Chinese state-linked hacking operation that managed to infiltrate American, European, and Asian multinationals, The Times of Israel reported Monday.
Massachusetts-based Cybereason found that a Beijing-backed hacker outfit, which goes by the name APT 41, stole industrial secrets worth trillions of dollars with an apparent aim to boost the Chinese state-controlled economy.
The Chinese regime-backed hacker “group has existed since at least 2010 and is believed to be operating on behalf of Chinese state interests and specializes in cyberespionage and intellectual property theft,” the report released by the cyber security firm said.
The exposed Chinese industrial espionage ring has a worldwide reach, the research conducted by Cybereason disclosed. “According to the cybersecurity researchers, the covert attacks have been focused on infiltrating the networks of technology and manufacturing companies in Europe, Asia, and North America, focusing on stealing sensitive proprietary information,” the tech news website ZDNet reported this week, citing the revelations.
The Chinese hacker outfit stole intellectual property worth trillions belonging to U.S. and international firms, the estimates showed. “Chinese hackers took trillions in intellectual property from about 30 multinational companies,” CBS News noted. “The FBI estimated in its report that the annual cost to the U.S. economy of counterfeit goods, pirated software, and theft of trade secrets is between $225 billion and $600 billion,” the broadcaster added.
The Times of Israel reported U.S.-Israeli cybersecurity firm’s findings:
An Israeli-American cybersecurity firm said Monday that it uncovered a “massive” hacking operation, apparently led by a hacking group believed to be backed by China, that had engaged in intellectual property (IP) theft and industrial espionage on three continents.Cybereason, which is headquartered in Boston with offices in Tel Aviv, London, and Tokyo, said the group employed sophisticated methods and worked in an elusive manner to target technology and manufacturing companies in the US, Europe, and Asia and steal sensitive proprietary information.Assaf Dahan, senior director and head of threat research at Cybereason, told The Times of Israel that the ring, known as the Winnti Group (and also tracked as APT41, Blackfly and Barium in cybersecurity circles) was “one of the most prolific and industrious groups in the cyber threat landscape,” and is known to operate on behalf of Chinese state interests.The group has been active since at least 2010. Some known members of the group were indicted in 2020 by the US Department of Justice for computer crimes against some 100 companies in the US and other countries, including software development companies, computer hardware manufacturers, telecommunications providers, and gaming firms.Dahan said Cybereason’s research showed that the Winnti Group engaged in “intellectual property theft and cyber espionage on a grand scale” since at least 2019, and possibly before. Cybereason began its research into the group’s industrial espionage operations last year, having been alerted by one of the targeted companies that something “funky” was afoot in its network, said Dahan, who is based in London.
The Chinese theft of U.S. and Western intellectual property is deeply tied to the regime’s military program. Under Xi Jinping, China has adopted a policy of Military-Civil Fusion (MCF) which gives Chinese military sweeping powers over country’s investments, companies, and universities to get its hands of cutting-edge technology.
The Chinese civil-military axis aims to “develop the People’s Liberation Army (PLA) into a “world class military” by 2049 ,” a Trump-era State Department report said. “Under MCF, the CCP is acquiring the intellectual property, key research, and technological advances of the world’s citizens, researchers, scholars, and private industry in order to advance the CCP’s military aims,” the document concluded.
China’s malicious cyber activities have alarmed neighboring Asian powers. On Thursday, South Korea became the first Asian country to join the elite NATO cyber defense group. The NATO “Cooperative Cyber Defence Centre of Excellence trains specialists from member states to work together to fend off cyberattacks and South Korea is the fifth non-Nato member to sign up for it,” the Hong Kong-based newspaper South China Morning Post commented.
The South Korea’s move angered Beijing. The Chinese Communist Party-run “Global Times claimed that “the US-led NATO is turning South Korea into a pawn against China and Russia in cyber defense,” another Hong Kong daily Asia Times reported.
The CCP mouthpiece concealed China’s active support for North Korea’s ongoing cyberwar against Seoul. Beijing’s backing for the North Korean hackers ranges “[f]rom hosting North Korean cyberunits in border cities such as Shenyang to training them at Chinese technology universities and research institutes, the CCP enables North Korea’s maliciousness in cyberspace,” the U.S.-based journal Foreign Policy noted in February 2022.
With an eye on China, India also wants to boost cyber security ties with the U.S., the Indian media reported earlier this year.
South Korea joins NATO cyber defense unit, angers China
becoma
CLICK HERE FOR FULL VERSION OF THIS STORY