US intelligence agencies have released a joint advisory accusing China of malicious cyber activities and exposing more than 50 tactics allegedly used by hackers thought to be affiliated with Beijing
WASHINGTON (Pakistan Point News / Sputnik - 19th July, 2021) US intelligence agencies have released a joint advisory accusing China of malicious cyber activities and exposing more than 50 tactics allegedly used by hackers thought to be affiliated with Beijing.
"The National Security Agency [NSA], Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) assess that People's Republic of China state-sponsored malicious cyber activity is a major threat to U.S. and Allied cyberspace assets. Chinese state-sponsored cyber actors aggressively target U.S. and allied political, economic, military, educational, and critical infrastructure (CI) personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property, and personally identifiable information (PII)," the joint cybersecurity advisory (CSA) said.
The CSA exposes over 50 tactics and techniques claimed to have been used by Chinese state-sponsored cyber actors to target US and allied networks.
"Chinese state-sponsored cyber actors consistently scan target networks for critical and high vulnerabilities within days of the vulnerability's public disclosure. In many cases, these cyber actors seek to exploit vulnerabilities in major applications, such as Pulse Secure, Apache, F5 Big-IP, and microsoft products," the advisory stated, adding that these "actors" often take effort to mask their activities by using a revolving series of virtual private servers (VPSs).
The NSA, CISA, and the FBI claim that Chinese state-sponsored cyber actors have performed reconnaissance on Microsoft 365, have used short-term VPS devices to scan and exploit vulnerable Microsoft Exchange Outlook Web Access and plant webshells and have targeted hybrid cloud environments to gain access to cloud resources.
A senior US administration official said in a press call on Sunday that China's Ministry of State Security uses criminal contract hackers to conduct cyber operations globally, including such activities as cyber-enabled extortion, crypto-jacking, and theft from victims for financial gain.
"The administration has funded five cybersecurity modernization efforts across the federal government to modernize network defenses to meet the threat. These include state-of-the-art endpoint security, improving logging practices, moving to a secure cloud environment, upgrading security operations centers, and deploying multi-factor authentication and encryption technologies. The latter could be deployed fully within six months," the US official said.
China has repeatedly dismissed Western allegations that it was behind certain cyberattacks, expressing readiness to cooperate on cybersecurity matters. According to the Chinese Foreign Ministry, under the guise of cyberdefense, the US puts pressure on companies in other countries, trying to oust competitors and maintain its hegemony on the internet.
