For more than two years, China’s government has been trying to portray the US as indulging in the same kind of cyber espionage and intrusion activities that the latter has accused it of carrying out over the past several years.
A recent examination of Beijing’s claims by researchers at SentinelOne found most of them to be unsubstantiated, often based on previously leaked US intelligence and lacking any technical evidence. However, that has not stopped the Chinese government from pursuing its misinformation campaign in an attempt to divert attention from its own hacking activities, SentinelOne said.
“China hopes to change global public opinion on Chinese hacking,” says Dakota Cary, strategic advisory consultant at SentinelOne. “China aims to show itself as the victim of US hacking operation and show how the US is the perpetrator of hacking operations.”
So far, the campaign has met with some limited success, as China’s claims have made their way into western media outlets like Reuters, he says. Meanwhile, the SentinelOne report comes amid a backdrop of heightened alarm in the US about insidious and persistent intrusion campaigns into US critical infrastructure by Chinese threat groups such as Volt Typhoon.
Calling Out China’s Hacking Operations
The immediate impetus for China’s efforts to push a US hacking narrative appears to be a somewhat extraordinary joint declaration by the US, UK, and European Union governments in July 2021 accusing China’s government of indulging in malicious “irresponsible and destabilizing behavior in cyberspace.” The declaration, among other things, accused the Chinese government of hiring “criminal contract hackers to conduct unsanctioned cyber operations globally, including for their own personal profit.”
The White House statement contained a reference to charging documents unsealed in 2018 and 2020 that accused hackers working with China’s Ministry of State Security (MSS) of participating in ransomware attacks, crypto-jacking, cyber extortion, and “rank theft.” It also announced criminal charges against four individuals at the MSS for engaging in cyber campaigns to steal intellectual property and trade secrets from organizations in the aviation, defense, maritime, and other sectors in the US and other countries.
The US allegations came shortly after an incident where attackers — later identified as working for the MSS — exploited four zero-day bugs in Microsoft Exchange to compromise tens of thousands of computers worldwide. What proved especially irksome was the apparent decision by the Chinese hacking group to automate their attack and to share details of the vulnerability with others when it became apparent that Microsoft was ready to release a patch for the flaws, SentinelOne said.
“The joint statement so irked the PRC government that it began a media campaign to push narratives about US hacking operations in global media outlets,” the security vendor said.
China Launches Coordinated Disinformation Campaign
China’s attempts to get back at the US include having some cybersecurity firms in the country coordinate publication of reports about US hacking activity, then using government agencies and state media to amplify their impact.
Starting in early 2022, state media in China began releasing English-language versions of cyber threat intelligence reports from Chinese security firms. The English-language Global Times, a publication that generally reflects the official views of the Chinese Communist Party, mentioned NSA-related hacking tools and operations 24 times in 2022, compared to just twice the previous year, SentinelOne found.
In 2023, the publication ran a series of articles on US intelligence agencies allegedly hacking into seismic sensors at the Wuhan Earthquake Monitoring Center. The articles were apparently based on a report from Chinese cybersecurity firm Qihoo360 and another Chinese government entity. And last April, China’s cybersecurity industry alliance published a report that chronicled more than a decade of research on US cyberattacks such as the Stuxnet campaign on Iran’s Natanz nuclear facility.
US Hacks on China: A Lack of Evidence
According to SentinelOne, most of China’s reports are not backed by any technical evidence of the sort that cybersecurity firms in the US and some other countries provide when disclosing nation-state campaigns. The Global Times article on the attacks at Wuhan’s earthquake monitoring facility, for instance, quotes a Qihoo360 report that isn’t publicly available anywhere. Even so, the report garnered some attention in the US, with several media outlets running with the story, SentinelOne said.
Reports that do have some form of attribution or evidence are often based on leaked US intelligence documents such as Edward Snowden’s leaks, the Vault 7 leaks, and the Shadow Brokers leaks, Cary says. In fact, of the 150 or so citations in the report from China’s cybersecurity alliance, less than a third are from Chinese vendors.
“We don’t know if China’s cybersecurity companies have the data to back up claims of US hacking,” Cary says. It’s likely that such data does exist somewhere in the PRC, but it’s unclear if it would prove their claims, he notes, adding, “What we can say is that China’s legal regime and political system have decided against the publication of any such data.”
Author: Jai Vijayan, Contributing Author
Date: 2024-02-12 06:00:00