U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

China admitted the existence of Information warfare units

For the first time China has publicly admitted the existence in its military organization of special information warfare units.  Since quite some time that security experts sustain that China has one of the most advanced cyber army that is responsible for carried some of the highest profile cyber-attacks, but the Government of Beijing China always […]

China

For the first time China has publicly admitted the existence in its military organization of special information warfare units. 

Since quite some time that security experts sustain that China has one of the most advanced cyber army that is responsible for carried some of the highest profile cyber-attacks, but the Government of Beijing China always denied any involvement.  In 2013, The Mandiant Intelligence Center released a shocking report that revealed an enterprise-scale computer espionage campaign dubbed APT1.  The evidences collected by the security experts link APT1 to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398), according to the experts the operations started in 2006 and targeted 141 victims across multiple industries.

APT1_Activity China

In the last edition of PLA publication titled “The Science of Military Strategy”,  China reveals that has capabilities and explicitly refers a “specialized units devoted to wage war on computer networks.

The expert Joe McReynolds told to the TheDailyBeast that this it’s a judge change in China posture respect the past:

“he first time they’ve come out and said, ‘Yes, we do in fact have network attack forces, and we have teams on both the military and civilian-government sides,’” reports McReynolds .

The document also confirms the existence of internal law enforcement and intelligence agencies, the China’s equivalents of the CIA and the FBI.

Of course the public admission of the cyber army made by the government has political and diplomatic implications on the relationship with other governments, in particular with the United States.

“It means that the Chinese have discarded their fig leaf of quasi-plausible deniability,” McReynolds said. “As recently as 2013, official PLA [People’s Liberation Army] publications have issued blanket denials such as, ‘The Chinese military has never supported any hacker attack or hacking activities.’ They can’t make that claim anymore.”

McReynolds said that China divided its Cyber army in 3 sub-groups:

  • specialized military network warfare forces: “employed for carrying out network attack and defense” 
  • specialists in civilian organizations: ” have been authorized by the military to carry out network warfare operations.”
  • external entities: “that can be organized and mobilized for network warfare operations”

All the above groups are engaged in hacking campaign, security speculate their involvement in cyber espionage operations operated against private companies to steal intellectual property and sensitive data.

It means that the Chinese have discarded their fig leaf of quasi-plausible deniability,” McReynolds said. “As recently as 2013, official PLA [People’s Liberation Army] publications have issued blanket denials such as, ‘The Chinese military has never supported any hacker attack or hacking activities.’ They can’t make that claim anymore.

McReynolds continues and says:

“With the Chinese now explicitly acknowledging that the [ministry] has network warfare forces stationed within it, the United States and other targets of Chinese state-sponsored hacking will have to weigh carefully whether cooperation with the MPS on cybercrime is worth the risks,”

China in only one of the country with a dedicated cyber unit, Russia, North Korea, Iran, and of course, the US have also high sophisticated information warfare capabilities.

Every country aims to impose a dominance on the cyberspace that is a strategic domain for warfare, security experts believe that a major cyber attack as act of war will happen soon.

I contacted Bill Hagestad II, one of the most important Internationally cyber-intelligence & counter-intelligence professional, for a comment:

“The news is nothing new…albeit great that Chinese Hacking & the PLA is making the headlines, it is mere sensationalism and self-promotion – not really contributing anything new to the study of Chinese Military Cyber Doctrine Development.” Hagestad said. “Theories about Chinese military use of computers as a weapon system began some would argue with Major General Wang Pu Feng in 1995”

The complete interview that will be available in the next post.

About the Author Elsio Pinto

Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own bloghttp://high54security.blogspot.com/

with Pierluigi Paganini

(Security Affairs – China, Information warfare)