Mandiant links exploitation of the Fortinet zero-day CVE-2022-41328, exploited in government attacks, to a Chinese cyberespionage group.
The post Exploitation of Recent Fortinet Zero-Day Linked to Chinese Cyberspies appeared first on SecurityWeek.
The Chinese hacker group Tick has targeted an East Asian data loss prevention firm whose customers include military and other government organizations.
The post Chinese Cyberspies Hacked DLP Company Serving Military, Government Orgs appeared first on SecurityWeek.
Malware deployed by Chinese hackers on a SonicWall SMA appliance includes credential theft, shell access, and persistence functionality.
The post Custom Chinese Malware Found on SonicWall Appliance appeared first on SecurityWeek.
So how serious is the threat of using TikTok? Should TikTok users who don’t work for the government be worried about the app, too?
The post Why TikTok Is Being Banned on Gov’t Phones in US and Beyond appeared first on SecurityWeek.
The European Union’s executive branch has banned TikTok from phones used by employees as a cybersecurity measure, reflecting widening worries over the Chinese-owned video app.
The post TikTok Banned From EU Commission Phones Over Cybersecurity appeared first on SecurityWeek.
ENISA and CERT-EU warn of Chinese threat actors targeting businesses and government organizations in the European Union.
The post EU Organizations Warned of Chinese APT Attacks appeared first on SecurityWeek.
A look at some of the lessons from the Ukraine war and how they could apply to a Taiwan conflict.
The post How Ukraine War Has Shaped US Planning for a China Conflict appeared first on SecurityWeek.
The United States on Friday blacklisted six Chinese entities it said were linked to Beijing’s aerospace programs as part of its retaliation over an alleged Chinese spy balloon that traversed U.S. airspace.
The economic restrictions followed the Biden administration’s pledge to consider broader efforts to address Chinese surveillance activities and will make it more difficult for the five companies and one research institute to obtain American technology exports.
The move is likely to further escalate the diplomatic row between the U.S. and China sparked by the balloon, which was shot down last weekend off the Carolina coast. The U.S. said the balloon was equipped to detect and collect intelligence signals, but Beijing insists it was a weather craft that had blown off course.
The incident prompted Secretary of State Antony Blinken to abruptly cancel a high-stakes trip to Beijing aimed at easing tensions.
The U.S. Bureau of Industry and Security said the six entities were being targeted for “their support to China’s military modernization efforts, specifically the People’s Liberation Army’s (PLA) aerospace programs including airships and balloons.”
“The PLA is utilizing High Altitude Balloons (HAB) for intelligence and reconnaissance activities,” it said.
Deputy Secretary of Commerce Don Graves said on Twitter his department “will not hesitate to continue to use” such restrictions and other regulatory and enforcement tools “to protect U.S. national security and sovereignty.”
The six entities are Beijing Nanjiang Aerospace Technology Co., China Electronics Technology Group Corporation 48th Research Institute, Dongguan Lingkong Remote Sensing Technology Co., Eagles Men Aviation Science and Technology Group Co., Guangzhou Tian-Hai-Xiang Aviation Technology Co., and Shanxi Eagles Men Aviation Science and Technology Group Co.
The research institute did not immediately respond to a request for comment. The other five entities could not be reached.
On Friday, a U.S. military fighter jet shot down an unknown object flying off the remote northern coast of Alaska on orders from President Joe Biden. The object was downed because it reportedly posed a threat to the safety of civilian flights, instead of any knowledge that it was engaged in surveillance.
But the twin incidents in such close succession reflect heightened concerns over China’s surveillance program and public pressure on Biden to take a tough stand against it.
The post US Blacklists 6 Chinese Entities Over Balloon Program appeared first on SecurityWeek.
An alleged Chinese surveillance balloon over the United States last week sparked a diplomatic furore and renewed fears over how Beijing gathers intelligence on its largest strategic rival.
FBI Director Christopher Wray said in 2020 that Chinese spying poses “the greatest long-term threat to our nation’s information and intellectual property, and to our economic vitality”.
China’s foreign ministry said in a statement to AFP that it “resolutely opposed” spying operations and that American accusations are “based on false information and sinister political aims”.
The United States also has its own ways of spying on China, deploying surveillance and interception techniques as well as networks of informants.
Former US president Barack Obama said in 2015 that his Chinese counterpart Xi Jinping had promised not to conduct commercial cyber spying. Subsequent statements by Washington have indicated the practice has continued.
Here are some of the ways Beijing has worked to spy on the United States in recent years:
Cyber warfare
The United States warned in a major annual intelligence assessment in 2022 that the Asian giant represents “the broadest, most active, and persistent cyber espionage threat” to the government and private sector.
According to researchers and Western intelligence officials, China has become adept at hacking rival nations’ computer systems to make off with industrial and trade secrets. In 2021, the United States, NATO and other allies said China had employed “contract hackers” to exploit a breach in Microsoft email systems, giving state security agents access to emails, corporate data and other sensitive information.
Chinese cyber spies have also hacked the US energy department, utility companies, telecommunications firms and universities, according to US government statements and media reports.
Tech fears
Fears of the threat from Beijing have seeped into the technology sector, with concerns that state-linked firms would be obliged to share intel with the Chinese government.
In 2019, the US Department of Justice charged tech giant Huawei with conspiring to steal US trade secrets, evade sanctions on Iran, and other offenses.
Washington has banned the firm from supplying US government systems and strongly discouraged the use of its equipment in the private sector over fears that it could be compromised.
Huawei denies the charges.
Similar anxiety over TikTok animates Western political debate, with some lawmakers calling for an outright ban on the hugely popular app developed by China’s ByteDance over data security fears.
Industrial and military espionage
Beijing has leaned on Chinese citizens abroad to help gather intelligence and steal sensitive technology, according to experts, US lawmakers and media reports.
One of the most high-profile cases was that of Ji Chaoqun, who in January was sentenced to eight years in a US prison for passing information on possible recruitment targets to Chinese intelligence.
An engineer who arrived in the United States on a student visa in 2013 and later joined the army reserves, Ji was accused of supplying information about eight people to the Jiangsu province ministry of state security, an intelligence unit accused of engaging in the theft of US trade secrets.
Last year, a US court sentenced a Chinese intelligence officer to 20 years in prison for stealing technology from US and French aerospace firms.
The man, named Xu Yanjun, was found guilty of playing a leading role in a five-year Chinese state-backed scheme to steal commercial secrets from GE Aviation, one of the world’s leading aircraft engine manufacturers, and
France’s Safran Group.
In 2020, a US court jailed Raytheon engineer Wei Sun — a Chinese national and naturalized US citizen — for bringing sensitive information about an American missile system into China on a company laptop.
Spying on politicians
With the goal of advancing Beijing’s interests, Chinese operatives have allegedly courted American political, social and business elites.
US news website Axios ran an investigation in 2020 claiming that a Chinese student enrolled at a university in California had developed ties with a range of US politicians under the auspices of Beijing’s main civilian spy agency.
The student, named Fang Fang, used campaign financing, developed friendships and even initiated sexual relationships to target rising politicians between 2011 and 2015, according to the report.
Police stations
Another technique used by Chinese operatives is to tout insider knowledge about the Communist Party’s opaque inner workings and dangle access to top leaders to lure high-profile Western targets, researchers say.
The aim has been to “mislead world leaders about (Beijing’s) ambitions” and make them believe “China would rise peacefully — maybe even democratically,”
Chinese-Australian author Alex Joske wrote in his book, “Spies and Lies: How China’s Greatest Covert Operations Fooled the World”.
Beijing has also exerted pressure on overseas Chinese communities and media organizations to back its policies on Taiwan, and to muzzle criticism of the Hong Kong and Xinjiang crackdowns.
In September 2022, Spain-based NGO Safeguard Defenders said China had set up 54 overseas police stations around the world, allegedly to target Communist Party critics.
Beijing has denied the claims.
The Netherlands ordered China to close two “police stations” there in November.
A month later, the Czech Republic said China had closed two such centers in Prague.
The post Spies, Hackers, Informants: How China Snoops on the US appeared first on SecurityWeek.
China said Friday it is looking into reports that a Chinese spy balloon has been flying in U.S. airspace and urged calm, adding that it has “no intention of violating the territory and airspace of any sovereign country.”
Foreign Ministry spokesperson Mao Ning also said she had no information about whether a trip to China by U.S. Secretary of State Antony Blinken planned for next week will proceed as scheduled.
At a daily briefing, Mao said that politicians and the public should withhold judgment “before we have a clear understanding of the facts” about the spy balloon reports.
Blinken would be the highest-ranking member of President Joe Biden’s administration to visit China, arriving amid efforts to mitigate a sharp downturn in relations between Beijing and Washington over trade, Taiwan, human rights and China’s claims in the South China Sea.
“China is a responsible country and has always strictly abided by international laws, and China has no intention of violating the territory and airspace of any sovereign country. As for the balloon, as I’ve mentioned just now, we are looking into and verifying the situation and hope that both sides can handle this together calmly and carefully,” Mao said.
“As for Blinken’s visit to China, I have no information,” she said.
A senior defense official told Pentagon reporters that the U.S. has “very high confidence” that the object was a Chinese high-altitude balloon and was flying over sensitive sites to collect information.
One of the places the balloon was spotted was over the state of Montana, which is home to one of America’s three nuclear missile silo fields at Malmstrom Air Force Base. The official spoke on condition of anonymity to discuss sensitive information.
Pentagon press secretary Brig. Gen. Patrick Ryder said the balloon is “currently traveling at an altitude well above commercial air traffic and does not present a military or physical threat to people on the ground.”
Ryder said similar balloon activity has been seen in the past several years and the government has taken steps to ensure no sensitive information was stolen.
President Biden was briefed and asked the military to present options, according to a senior administration official, who was also not authorized to publicly discuss sensitive information.
Defense Secretary Lloyd Austin and Army Gen. Mark Milley, chairman of the Joint Chiefs of Staff, advised against taking “kinetic action” because of risks to the safety of people on the ground. Biden accepted that recommendation.
The defense official said the U.S. has “engaged” Chinese officials through multiple channels and communicated the seriousness of the matter.
Blinken’s visit was expected to start this Sunday in an effort to try to find common ground on issues from trade policy to climate change. Although the trip has not been formally announced, both Beijing and Washington have been talking about his imminent arrival.
The senior defense official said the U.S. prepared fighter jets, including F-22s, to shoot down the balloon if ordered. The Pentagon ultimately recommended against it, noting that even as the balloon was over a sparsely populated area of Montana, its size would create a debris field large enough that it could have put people at risk.
It was not clear what will happen with the balloon if it isn’t brought down.
The defense official said the spy balloon was trying to fly over the Montana missile fields, but the U.S. has assessed that it has “limited” value in terms of providing intelligence it couldn’t obtain by other technologies, such as spy satellites.
The official would not specify the size of the balloon but said commercial pilots could spot it from their cockpits. All air traffic was halted at Montana’s Billings Logan International Airport from 1:30 p.m. to 3:30 p.m. Wednesday, as the military provided options to the White House.
A photograph of a large white balloon lingering over the area was captured by The Billings Gazette. The balloon could be seen drifting in and out of clouds and had what appeared to be a solar array hanging from the bottom, said Gazette photographer Larry Mayer.
The balloon’s appearance adds to national security concerns among lawmakers over China’s influence in the U.S., ranging from the prevalence of the hugely popular smartphone app TikTok to purchases of American farmland.
“China’s brazen disregard for U.S. sovereignty is a destabilizing action that must be addressed,” Republican Party House Speaker Kevin McCarthy tweeted.
Tensions with China are particularly high on numerous issues, ranging from Taiwan and the South China Sea to human rights in China’s western Xinjiang region and the clampdown on democracy activists in Hong Kong. Not least on that list of irritants are China’s tacit support for Russia’s invasion of Ukraine, its refusal to rein in North Korea’s expanding ballistic missile program and ongoing disputes over trade and technology.
On Tuesday, Taiwan scrambled fighter jets, put its navy on alert and activated missile systems in response to nearby operations by 34 Chinese military aircraft and nine warships that are part Beijing’s strategy to unsettle and intimidate the self-governing island democracy.
Twenty of those aircraft crossed the central line in the Taiwan Strait that has long been an unofficial buffer zone between the two sides, which separated during a civil war in 1949.
Beijing has also increased preparations for a potential blockade or military action against Taiwan, which has stirred increasing concern among military leaders, diplomats and elected officials in the U.S., Taiwan’s key ally.
The surveillance balloon was first reported by NBC News.
From an office window in Billings, Montana, Chase Doak said he saw a “big white circle in the sky” that he said was too small to be the moon.
“I thought maybe it was a legitimate UFO,” Doak said. “So I wanted to make sure I documented it and took as many photos as I could.”
The post China Says It’s Looking Into Report of Spy Balloon Over US appeared first on SecurityWeek.
