Experts On News: U.S. Charges Chinese Cybercriminals With Hacking Over 100 Companies

It has been reported that on Wednesday the U.S. Justice Department has charged five Chinese nationals in connection with the hacking of more than 100 American and foreign companies as well as of nonprofits and universities. The department also charged two Malaysian businessmen with conspiring with two of the indicted Chinese nationals to target companies in the billion-dollar computer game industry. American officials say Malaysian authorities have arrested the businessmen, who now face extradition to the United States. “The intrusions, which security researchers have tracked using the threat labels ‘APT41,’ ‘Barium,’ ‘Winnti,’ ‘Wicked Panda,’ and ‘Wicked Spider,’ facilitated the theft of source code, software code signing certificates, customer account data, and valuable business information,” prosecutors said.

Full story here:

https://edition.cnn.com/2020/09/16/politics/chinese-nationals-cyberhacking/index.html

Experts Comments

September 18, 2020
Hank Schless
Senior Manager, Security Solutions
Lookout
These indictments indicate how malicious actors are diversifying their tactics to achieve a broader range of outcomes. In particular, breaching gaming companies to steal in-game items and currency for real-world profit rather than stealing corporate data means security teams need to be sure their efforts are well-distributed across both internal and external systems. The attackers were able to gain access to internal networks and likely moved laterally across the infrastructure to identify the.....Read More
These indictments indicate how malicious actors are diversifying their tactics to achieve a broader range of outcomes. In particular, breaching gaming companies to steal in-game items and currency for real-world profit rather than stealing corporate data means security teams need to be sure their efforts are well-distributed across both internal and external systems. The attackers were able to gain access to internal networks and likely moved laterally across the infrastructure to identify the most profitable items. Unauthorized access to the infrastructure oftentimes starts with a phishing attack. Threat actors will target particular employees and phish their credentials in order to get access to particular parts of the infrastructure. These days, phishing attacks primarily start outside of the traditional email channels. The primary channels are now SMS, social media platforms, third-party chat platforms, direct messages in gaming apps, and others that are primarily accessed on mobile devices.  Read Less
September 18, 2020
Sam Curry
Chief Security Officer
Cybereason
The drumbeat we hear in the background today resulting from today's U.S. Department of Justice indictments of Chinese nationals for hacking more than 100 companies, is China denying any role in espionage, hacking and/or other malicious activity against the U.S. And while we know full well what China is capable of and what their country has been actively involved in over the years, it comes down to a she said, Xi said moment in terms of accountability. Rest assured that Xi Jinping will either.....Read More
The drumbeat we hear in the background today resulting from today's U.S. Department of Justice indictments of Chinese nationals for hacking more than 100 companies, is China denying any role in espionage, hacking and/or other malicious activity against the U.S. And while we know full well what China is capable of and what their country has been actively involved in over the years, it comes down to a she said, Xi said moment in terms of accountability. Rest assured that Xi Jinping will either deny the allegations himself or we'll hear from one of his spokespeople that China would never be involved in such heinous activity. Unfortunately, it is unlikely any of these nationalists will face justice in a U.S. courtroom. The Chinese are a cyber superpower and they are responsible for billions of dollars in IP theft annually from thousands of companies. Companies and government agencies need to take today's indictments seriously and heed the warning. It is imperative that they invest in improving their network defenses against these types of blatant and egregious espionage related activities. It is critical for all companies to invest in threat hunting services that are deployed around the clock like security guards are to protect physical property. Today's well trained cyber security guards have the skills to spot malicious computer network activity that put an end to massive amounts of IP theft and loss.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts