Trump administration says China broke Obama-Xi hacking agreement

The Trump administration explicitly called out the Chinese government Thursday for having hacked U.S. companies to steal business secrets in recent years. The disclosure means the U.S. government believes China broke a 2015 agreement reached by then-President Barack Obama and Chinese President Xi Jinping that was aimed at curbing cyber economic espionage between the two countries. A Department of the Treasury investigation detailed in a 215-page report published Thursday finds multiple cases where China had continued to conduct economic cyber espionage after the 2015 arrangement was announced. The report does not, however, explain these incidents with any specifics. “After a major debate in the private sector cybersecurity community over the past three years about the level of Chinese cyber activity directed against U.S. organizations and its meaning related to China’s commitments, the 301 report can be read as effectively ruling that China is in violation of the 2015 Obama-Xi accord on cyber […]

The post Trump administration says China broke Obama-Xi hacking agreement appeared first on Cyberscoop.


China’s Economic Espionage via the Non-Attributable Hand

As we come to the end of the tumultuous 2017, the award for sleight of hand perhaps should go to China and its intelligence apparatus, the Ministry for State Security (MSS) and People’s Liberation Army (PLA), as they continue to harvest intellectual pr…

US indicts three Chinese nationals for alleged cyberattacks

The three men are accused of hacking into at least three multinational corporations over the past seven years.

Chinese hackers starting to return focus to U.S. corporations

Security researchers recently found a hacking group with suspected ties to the Chinese government engaged in what appears to be corporate espionage against multiple U.S. companies. The findings underscore an emerging, albeit opaque trend in which hackers linked to Beijing are conducting economic, cyber-enabled espionage, despite the Chinese Communist Party agreeing to stop such activity against the U.S. as part of a 2015 agreement between Chinese President Xi Jinping and U.S. President Barack Obama. Experts say the 2015 truce resulted in a noticeable downturn in economic espionage. But there are signs the agreement may be deteriorating under the Trump administration. According to recent research by multinational services giant PwC, a hacking group known as “KeyBoy” has returned to the fold with a data theft campaign aimed primarily at Western organizations. The operation, PwC Threat Intelligence Analyst Bart Parys told CyberScoop, shows the continued technical development of a previously reported group that has apparently […]

The post Chinese hackers starting to return focus to U.S. corporations appeared first on Cyberscoop.


Research claims CCleaner attack carried out by Chinese-linked group

Security researchers increasingly believe that an elite Chinese hacking group broke into British software maker Piriform to booby trap popular file cleaning program CCleaner, according to research and private analysis provided to CyberScoop. New research published Monday by Israeli cybersecurity startup Intezer Labs, authored by senior security researcher Jay Rosenberg, adds support to the conclusion that Chinese hackers tried to gain access to a small number of multinational telecommunications and technology companies. Check out my latest blog post on the stage 2 payload of the #ccleaner attack! Special thanks to @TalosSecurity and @kaspersky https://t.co/YgYjfE3Jo3 — Jay Rosenberg (@jaytezer) October 2, 2017 Although attributing a data breach to a specific hacker group remains an imperfect science, recently uncovered evidence contains technical indicators that overlap with those used by an advanced persistent threat (APT) group codenamed Axiom Group, security researchers at multiple cybersecurity firms told CyberScoop. In addition to Intezer Labs’ analysis, […]

The post Research claims CCleaner attack carried out by Chinese-linked group appeared first on Cyberscoop.


Newly uncovered Iranian hacking group targeted energy, aerospace firms to steal secrets

An Iranian hacking group has been targeting aerospace and energy companies in Saudi Arabia, South Korea and the U.S. since at least 2013 as part of an expansive cyber espionage operation to both gather intelligence and steal trade secrets, according to new research published Wednesday by U.S. cybersecurity firm FireEye. This advanced persistent threat group (APT) is labeled APT33 by FireEye. Wednesday’s report by FireEye offers a distinct view of the group’s activity. APT33 is likely related to a hacking campaign dubbed StoneDrill by Kaspersky Lab, researchers say. Based on information that appears to have been accidentally left behind in past attacks, analysts believe APT33 is linked to the Iranian government. Most of the group’s operations to date have largely focused on sending targeted phishing emails with malware-laden HTML links to infect specific computers with a custom backdoor implant known as “TURNEDUP.” But there’s also some evidence to suggest they’re capable of launching data […]

The post Newly uncovered Iranian hacking group targeted energy, aerospace firms to steal secrets appeared first on Cyberscoop.


Iranian hackers heisted U.S. defense software for clients blocked by sanctions, indictment says

A group of Iranian hackers broke into multiple U.S. defense contractors between 2007 and 2013 in order to steal intellectual property, software and other proprietary information that they then sold to foreign enterprises and governments, including the Iranian government, according to a newly unsealed indictment by the Department of Justice. The indictment, published Monday, effectively shows how the Iranian government may have been able to circumvent previous export sanctions tied to the sale and purchase of U.S. defense technology by employing a group of contracted freelance hackers who would steal software products through a network of compromised computers based in the United States. The hackers allegedly stole software from Vermont-based engineering consulting and software design company Arrow Tech Associates and sold it to Iranian clients. The product, PRODAS, is a software platform designed for aerodynamics analysis and design for projectiles. It sells for $40,000 to $800,000, and customers receive a dongle to download a software license from […]

The post Iranian hackers heisted U.S. defense software for clients blocked by sanctions, indictment says appeared first on Cyberscoop.


Leaked Hacking Team tools were used by group stealing East Asian IP

A sophisticated and “well-funded” hacking group with a penchant for stealing intellectual property and other trade secrets is wreaking havoc in East Asia by exploiting a series of old, publicly acknowledged software vulnerabilities, according to research conducted by TrendMicro. The findings are significant because they expose an active regional threat that continues to invest in new hacking capabilities — including unique backdoor implants and exfiltration tools — while apparently running multiple, active economic espionage operations. Dubbed “BlackTech” by security researchers, the clandestine unit is believed to be associated with three separate campaigns dating back to at least 2010. During that time frame, BlackTech relied on a similar server infrastructure to launch attacks but used various different tools and techniques against organizations, allowing them to move laterally across victim networks and ultimately attempt to exfiltrate sensitive files. “We are confident attributing these three campaigns to BlackTech given the backend infrastructure used and target overlap,” […]

The post Leaked Hacking Team tools were used by group stealing East Asian IP appeared first on Cyberscoop.


Experts warn Congress of the return of Chinese IP theft

Hackers working for the Chinese government again appear to be conducting economic espionage against private U.S. companies and other American organizations, experts told lawmakers Tuesday during an open Senate Committee on Foreign Relations hearing. Cybersecurity experts have stated that Chinese cyber espionage operations — hacking activities aimed at stealing trade secrets, intellectual property or other confidential business information — have substantially declined in the wake of an agreement struck between former President Barack Obama and Chinese President Xi Jinping in September 2015. But at least “anecdotally,” there has been a re-emergence of related economic espionage by Chinese hackers aimed at U.S. entities, according to Samantha Ravich, a current senior adviser to D.C.-based think tank the Foundation for Defense of Democracies. Over the last year, the FDD has established a team to study what it defines as “economic warfare.” “It seems there was a dip at first but the anecdotes that are […]

The post Experts warn Congress of the return of Chinese IP theft appeared first on Cyberscoop.


U.S. warns of ‘emerging’ global cyber-espionage campaign by Chinese hackers

An “emerging” international cyber-espionage campaign by a group with suspected ties to the Chinese government is affecting a growing number of companies globally, according to a warning from the U.S. government. Cybersecurity researchers and intelligence analysts have been tracking the hacker group known as APT10 or MenuPass Group since at least 2009. In the past, the group has targeted construction, engineering, aerospace and telecom companies as well as government agencies in the U.S., Europe and Japan. APT10’s past activity suggests it acts in “support of Chinese national security goals, including acquiring valuable military and intelligence information as well as the theft of confidential business data to support Chinese corporations,” according to cybersecurity firm FireEye, which has extensively monitored and studied the group. The U.S. National Cybersecurity and Communications Integration Center continues to review APT10’s recent activity and said it is working with victims “across different sectors,” according to a U.S. Computer […]

The post U.S. warns of ‘emerging’ global cyber-espionage campaign by Chinese hackers appeared first on Cyberscoop.
