Chinese hackers try to steal Russian security data, the report says

Under China’s authoritarian leader, Xi Jinping, Beijing has improved its online intelligence strategy, transforming it over the past decade into a more dynamic actress. China’s main spy agency, which borrowed a page from Russia, has hired more than its ranks, and has withdrawn from a growing group of technology workers in the country. The strategy has made its attacks more widespread and unpredictable, but analysts say it has also helped boost the country’s efforts, enabling spies to carry out covert attacks aimed at intellectual property as well as political and military intelligence worldwide.

Mr. Xi has made China’s scientific and technical capabilities a priority in the coming years, with the prospect of becoming a global leader in the fields of high technology such as robotics, medical equipment and aviation. The campaign targeting Russian defense research institutes “could be further evidence of the use of espionage in orderly and long-term efforts to achieve China’s strategic goals in technological excellence and military power,” the Check Point report said.

More recently, hackers in China, like their counterparts elsewhere, have taken advantage of the Ukrainian war to enter corporate computer systems across Europe. The hackers have raised concerns about the invasion, tricking their victims into downloading documents that falsely claim to have information about the war or to pretend to be charitable organizations donating money.

Many of the attacks from China appear to be aimed at gathering information and intellectual property, rather than causing unrest or disruption that could provoke conflict on the part of Ukraine or Russia, security researchers said.

In late March, Chinese hackers began tracking down Ukrainian agencies, according to security researchers and an announcement from Ukraine’s Internet security agency. A team of hackers known as Scarab sent documents to Ukrainian organizations that issued instructions on how to record evidence of Russian war crimes but also contained malicious software that could extract information from infected computer systems, researchers at security company SentinelOne they said.

Also in March, another Chinese-linked intelligence team, dubbed Mustang Panda, created documents that were allegedly European Union reports on the Ukraine-Belarus border conditions, and sent them by e-mail to potential targets in Europe. . But the documents contained malicious software, and victims who were tricked into opening them up allowed hackers to infiltrate their networks, Google researchers and security company Cisco Talos said.

The Mustang Panda hijacker had previously attacked organizations in India, Taiwan and Myanmar, but when the war broke out, it focused its efforts on the European Union and Russia. In March, the hijackers also tracked down organizations in Russia, sending them an e-mail that appeared to contain information about the deployment of border guards in Russia, Cisco Talos researchers said.

Leave a Comment