The US government on Wednesday said that a hacking group widely known as cloudhopper, which Western cybersecurity firms have linked to the Chinese government, has launched attacks on technology service providers in a campaign to steal data from their clients.
The US Department of Homeland Security issued a technical alert for cloudhopper, which it said was engaged in cyberespionage and theft of intellectual property, after experts with two prominent US cybersecurity companies earlier this week said that Chinese hacking activity has surged amid an escalating trade war between Washington and Beijing.
Chinese authorities have repeatedly denied claims by Western cybersecurity firms that it supports hacking.
The department released the information to support US companies in responding to attacks by the group, which is targeting information technology, energy, healthcare, communications and manufacturing firms.
“These cyberthreat actors are still active and we strongly encourage our partners in government and industry to work together to defend against this threat,” department National Protection and Programs Directorate Undersecretary Christopher Krebs said in a statement.
The reported increase in Chinese hacking follows what cybersecurity firms have described as a lull in such attacks prompted by a 2015 agreement between Chinese President Xi Jinping (習近平) and former US president Barack Obama to curb cyberenabled economic theft.
“I can tell you now unfortunately the Chinese are back,” Dmitri Alperovitch, chief technology officer of US cybersecurity firm CrowdStrike, said on Tuesday at a security conference in Washington.
“We’ve seen a huge pickup in activity over the past year and a half. Nowadays they are the most predominant threat actors we see threatening institutions all over this country and western Europe,” he said.
Analysts with FireEye, another US cybersecurity firm, said that some of the Chinese hacking groups it tracks have become more active in recent months.
Wednesday’s alert provided advice on how US firms can prevent, identify and remediate attacks by cloudhopper, which is also known as Red Leaves and APT10.
The hacking group has largely targeted firms known as managed service providers (MSPs), which supply telecom, technology and other services to businesses around the globe.
MSPs are attractive targets, because their networks provide routes for hackers to access sensitive systems of their many clients, FireEye senior intelligence manager Ben Read said.
“We’ve seen this group route malware through an MSP network to other targets,” Read said.
‘NO EQUILIBRIUM’: Taiwan’s increased defense spending is a good step, but it needs to do more to have the ability to deter aggression from China, a senior US official said The US plans to sell as many as seven major weapons systems — including mines, cruise missiles and drones — to Taiwan, four people familiar with the discussions said. Pursuing seven sales at once is a rare departure from years of precedent in which US military sales to Taiwan were spaced out and carefully calibrated to minimize tensions with Beijing. However, US President Donald Trump’s administration has this year become more aggressive with China, and the sales would land as relations between Beijing and Washington are at their lowest point in decades over accusations of spying, lingering trade tensions, disputes about the
ON THEIR OWN: The KMT has decided not to participate as a party at this year’s forum, and if any members do go, they would not be representing the party, Alicia Wang said The Chinese Nationalist Party (KMT) yesterday announced that it would not send a delegation “as a political party” to this year’s Straits Forum, after a Chinese TV program described the planned visit to the annual meeting as “suing for peace.” The 12th forum is scheduled to open in Xiamen, China, on Saturday. On Tuesday last week, the KMT announced that former legislative speaker Wang Jin-pyng (王金平) would lead the party’s delegation to the forum, with KMT Secretary-General Lee Chien-lung (李乾龍) as deputy head. However, on Thursday last week, China Central Television’s (CCTV) Yangshipin (央視頻) program, hosted by Li Hong (李紅), included a headline
RIVERSIDE CAMP: As rescuers continued their search for a missing man, Taipower said that the floodgates at a hydro plant on the Lishi Creek opened due to a malfunction Three people have been confirmed dead and one was missing after being swept away by a flash flood while camping in Nantou County’s Renai Township (仁愛), police said yesterday. Six people from two families were camping near Lishi Creek (栗栖溪) when the riverbanks were suddenly flooded just after 4am, carrying away four of the campers — including two children — who were asleep in their tents, police said. A man who was among those swept away was able to climb ashore and call for help, police said, adding that another man had gone missing in the turmoil at the campsite.
WORKING OVERTIME? NTU professor Lee Duu-jong denied that he had held a part-time position at a Chinese university or joined China’s Thousand Talents Program A candidate for the post of National Taiwan University of Science and Technology (NTUST) president yesterday dropped out of the race following a report questioning his links to Chinese academia and government programs. Lee Duu-jong (李篤中), a professor at National Taiwan University’s (NTU) chemical engineering department, was a member of China’s Changjiang Scholars’ Program in 2006 and was on the list of its Thousand Talents Program in 2017, a report by Chinese-language Mirror Media magazine said yesterday. The article said that Lee is suspected of having held a part-time job at the Harbin Institute of Technology in China and was the recipient