From Alan Turing and the team that helped win WWII for the Allies to cyber warfare for supremacy in the modern world, the pursuit of world domination has been nudged in different directions by hacking. It has risen as the unlikely constant in the shifting world order.
China has been at the forefront of digital and economic transformation. The Red Dragon reaped the benefits of its authoritarian political structure to build state-sponsored technological infrastructure, the same infrastructure that would put Cold War-prepped Russian tech finesse to the test.
The USA and China have long locked horns in cyberspace over the latter’s notorious activities in cyber warfare, termed “Network Warfare” in Beijing.
Recently, over growing concerns about China spying through its exported devices, the FCC declared Huawei and ZTE “national security threats,” effectively barring companies from using subsidies to purchase their equipment in the USA.
A former Chinese Hacker with an Inside Scoop
Sharpwinner, a former hacker who worked with the elite hacker group RedHacker’s Alliance, spilled some interesting details on the Chinese hacking system in his autobiography.
He talks about Hollywood’s portrayal of Chinese hackers sitting in congested rooms and launching attacks on their targets, mainly big-shot companies. The reality is the polar opposite of the general perception, Sharpwinner said in his book.
Imagine high-rise apartments, half-smoked expensive cigars and sophisticated network tools in various cities across the East Asian country. That comes pretty close to the reality.
State-sponsored and Coordinated Cyber Warfare by China
For a second, imagine a world where the entire country’s technical resources are at your disposal, with immunity, to wreak havoc on pre-planned targets. It does sound like a Michael Bay movie on paper, but it is a reality that renowned Chinese cyber attackers are accustomed to.
The Chinese government is believed to have organized several levels of cyber experts in the following manner:
- PLA’s Authorized Forces – Network warfare specialists, under the wing of the Ministry of State Security.
- Specialized Military Network Warfare Forces – Specialized in network attack and defense.
- Online Blue Army – A military expansion for cyberspace in 2011 by the Ministry of Defence to protect China’s cyberspace from alleged cyber espionage by the west.
An American mouthpiece on the global political affairs has claimed that there are over 50,000 state-backed hackers in China’s cyber espionage team.
Claws of the Digital Dragon on the West (Then and Now)
- Operation Aurora of 2007 forced the West to stand up and take notice of the notoriety of China’s cyber warfare capabilities and the subsequent threats it posed.
The attacks were advanced persistent threats by the renowned Chinese hacking squad, the Elderwood Group, based in Beijing, China. Google acknowledged the cyber attack on Gmail accounts in its official blog post on the incident. According to Google, the primary goal of the attack was to gain access to the email accounts of Chinese human rights activists.
While the attack did not succeed on the level it was meant to, several other companies in the health, chemical, finance and other sectors were also in the crosshairs. The ramifications were left undisclosed by the other victims.
The companies included Northrop Grumman, Symantec, Yahoo, Dow Chemical, Adobe Systems, and 28 others.
- In the Covid era, Australia has borne the brunt, allegedly from Chinese hackers. The massive cyberattack targeted Australia’s core sectors, such as oil, education, health and political organizations, amongst other essential industries. Experts have connected the dots of the incident to Australia’s stance on the investigation into the origin of the coronavirus. The stand ruffled quite a lot of feathers in Beijing.
- Rising tension in South-East Asia witnessed border disputes between India and China in the Galwan valley. Amid the soaring conflict, India has witnessed a 200% rise in cyber-attacks from China.
While no group has come forward to take responsibility for the cyberattacks, there has been a grey undertone of state-sanctioned cyber attacks.
In retaliation, India has banned 59 Chinese apps, including the likes of TikTok and SHAREit. Furthermore, India’s state-run telecom PSUs have gradually started reducing their dependence on digital hardware from China.
Other sectors are expected to follow this tectonic shift in trade, which is in the pipeline according to industry chatter.
The Elite Hacking Groups of China
- Honker Union, meaning “red guest”, is an old hacking group from mainland China known for hacking into US government websites and databases. It was formed after the USA bombed China’s embassy in Yugoslavia.
They have been under the radar since their last attack on Japan in 2012. The attack was a result of the Japanese government buying an island inside China. For the next two weeks, it was followed by a series of attacks on banks, universities, schools and other state-sponsored organizations.
- APT40 is a key hacking group for the state authorities of China. It has been wildly active in the last decade. They mainly target countries that are important to China’s Belt and Road initiative.
An expert from FireEye has revealed that APT40 hides behind the cloak of 13 shell companies, and the group operates from the Hainan province of China.
Further technical reading on #Hainan connection for #APT40 / Periscope: https://t.co/UTOtoux3H4
I *think* @MrDanPerez even did specific attribution on #StateOfTheHack. Ahoy!
— Nick Carr (@ItsReallyNick) January 9, 2020
In a post by IntrusionTruth on Mr. Gu, a key figure in the hacker group, he appears to be behind recruitment for the group. The recruitment strategy of APT40, which feels like it is straight out of a Netflix special, is all about grass-roots raw talent scouting. A university professor, who is a former military soldier, helps recruit young talent for Mr. Gu from the university. The process involves a “seminar” which encourages students of any specialism with an interest in cybersecurity to attend a session hosted by Hainan Xiandun (an alleged front company).
- Gothic Panda (also known as APT3, Buckeye, UPS Team and TG-0110) is a cyberespionage group from China. They have been active for over half a decade. The Pandas have shown interest in stealing international trade secrets and supply chain information from countries like India, Brazil, Japan, Canada and the USA.
Over to You
Writing about cybersecurity and network warfare originating from China is a never-ending piece. I will talk about their recent attacks as things take shape. Watch this space for more.