Posted on September 17, 2020 at 12:50 PM
Indicted Chinese state hackers compromised over 100 companies
Following the indictment of Chinese state-backed hackers by the US Justice Department, there is new evidence that the hacking group compromised more than 100 companies.
This new information comes from the Justice Department, which claims the hackers infiltrated the systems of different institutions and companies, including businesses, non-profit organizations, and universities. The Justice Department also claimed that, apart from hijacking their networks, the hackers extorted their victims.
They infiltrate video game distributors and plant malware in their products as an avenue to gain access for future operations, according to John Hultquist of cybersecurity firm Mandiant.
Jeffrey Rosen, Deputy Attorney General, spoke about the hacking incident and China’s quest to use cyber attackers to gain intelligence from the US.
“The Chinese government has made a deliberate choice to allow its citizens to commit computer intrusions and attacks around the world,” he said at a conference.
On a similar note, Michael Sherwin, US attorney for the District of Columbia, reiterated that some of those indicted said China is providing a free license for their hacking throughout the world.
According to them, the hacking is not limited to the US but extends to other countries with vital intelligence that supports their cause of attaining world superpower status.
The names of the indicted hackers were revealed as Fu Quang, Qian Chuan, Jiang Lizhi, Tan Dailin, and Zhang Haoran. They launched various attacks on nonprofits, government agencies, universities, technology companies, and social media companies, according to reports on the indictment.
Their massive reach is enabled by supply chain attacks, in which they infiltrate software companies and plant malicious code in their products. Once the malware has been installed on other systems through those products, they can break into the servers and steal vital information via the code they planted.
The hackers became more sophisticated
Researchers at CrowdStrike, a security company based in California, initially called the hacking group Wicked Spider. According to the security firm, the group was initially hacking systems to make profits. However, they shifted their focus in late 2015 and expanded from hacking only gaming companies to other companies in Taiwan, South Korea, Japan, Hong Kong, Germany, and the United States.
They attacked a wide range of industries, including technology, manufacturing, chemicals, hospitality, agriculture, and other industries with intellectual property that will benefit China in the pursuit of world power status. As long as the intellectual property of the organization fits China’s blueprint for its five-year plan, the organization will be on the hackers’ radar.
They also changed their attack methods. The hacking syndicate was notorious for using similar malware when attacking systems. However, they are now using a more complex hacking mechanism that makes their activity more difficult to track and discover.
In 2016, security researchers discovered that the hackers called Wicked Spider had changed a lot of their operational methods and were now working on the directives of the Chinese state intelligence unit. They even changed their name to stay under the radar.
Top companies such as Google, Alphabet, Facebook, Microsoft, and Verizon were involved in the activities leading to the discovery and arrest of the hacking unit.
The hacking incident is China’s attempt to become a world power
The U.S. government confirmed this allegation on Wednesday through a set of unsealed indictments showing the level of sophistication the Chinese hackers used to infiltrate the systems of their victims.
According to the report, the hacking incident is China’s way of attempting to advance its economy and become a global superpower, which has been on the country’s agenda for a long time. However, they are taking an unauthorized and unlawful approach by stealing intelligence from US organizations.
The indictment report also revealed how some of the cybercriminals had previously engaged in money laundering in the video game industry by working with Malaysian nationals.
The Justice Department said the attack was among the first sets of attacks revealed by the US indictment of the Chinese nationals.
On Monday, two businessmen, Ling Yang Ching and Wong Ong Hua, were arrested in Malaysia on allegations of fraud and money laundering related to the hacking group.
Cyber researchers have been tracking the hackers and their criminal computer activities for some time. The group has operated under the names Panda Spider, Wicked Panda, Winnti, Barium, or Advanced Persistent Threat 41.