The hackers operated from China both for their own gain and with the assistance and for the benefit of the Chinese government’s Ministry of State Security. As the grand jury charged, the computer systems of many businesses, individuals and agencies throughout the United States and worldwide have been hacked and compromised with a huge array of sensitive and valuable trade secrets, technologies, data, and personal information being stolen. “The cybercrime hacking occurring here was first discovered on computers of the Department of Energy’s Hanford Site in Eastern Washington. The FBI and our international partners will not stand idly by to this threat, and we are committed to holding the Chinese government accountable.” “Cybercrimes directed by the Chinese government’s intelligence services not only threaten the United States but also every other country that supports fair play, international norms, and the rule of law, and it also seriously undermines China's desire to become a respected leader in world affairs. “Today’s indictment demonstrates the serious consequences the Chinese MSS and its proxies will face if they continue to deploy malicious cyber tactics to either steal what they cannot create or silence what they do not want to hear,” said FBI Deputy Director David Bowdich. “China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research,” said Assistant Attorney General for National Security John C. Hyslop and Special Agent in Charge of the FBI’s Seattle Field Division Raymond Duda. Attorney for the Eastern District of Washington William D. Demers FBI Deputy Director David Bowdich U.S. 
The charges were announced by Assistant Attorney General for National Security John C. More recently, the defendants probed for vulnerabilities in computer networks of companies developing COVID-19 vaccines, testing technology, and treatments. In at least one instance, the hackers sought to extort cryptocurrency from a victim entity, by threatening to release the victim’s stolen source code on the Internet. Targeted industries included, among others, high tech manufacturing; medical device, civil, and industrial engineering; business, educational, and gaming software; solar energy; pharmaceuticals; defense. The 11-count indictment alleges LI Xiaoyu (李啸宇), 34, and DONG Jiazhi (董家志), 33, who were trained in computer applications technologies at the same Chinese university, conducted a hacking campaign lasting more than ten years to the present, targeting companies in countries with high technology industries, including the United States, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the United Kingdom. The hackers stole terabytes of data which comprised a sophisticated and prolific threat to U.S. The defendants in some instances acted for their own personal financial gain, and in others for the benefit of the MSS or other Chinese government agencies.
The National Cybersecurity and Communications Integration Center (NCCIC) sent out the first one in October 2018 when they warned of ongoing attempts from state-sponsored hacking groups to breach MSPs, and especially attacks targeting cloud-based service providers. A federal grand jury in Spokane, Washington, returned an indictment earlier this month charging two hackers, both nationals and residents of the People’s Republic of China (China), with hacking into the computer systems of hundreds of victim companies, governments, non-governmental organizations, and individual dissidents, clergy, and democratic and human rights activists in the United States and abroad, including Hong Kong and China. The Secret Service alert is actually the second security alert that US authorities have sent out about attacks on MSPs. ZDNet has been told that this vulnerability and the subsequent exploitation is what prompted the Secret Service to send out its alert. In June 2020, ConnectWise patched an Automate API vulnerability that hackers had also used to breach companies and deploy ransomware. In November 2019, ConnectWise sent out an internal alert to its customers about ransomware gangs exploiting improperly configured installations of its on-premise ConnectWise Automate product to breach customer networks and deploy file-encrypting payloads. One of the largest MSP vendors on the market, ConnectWise, has had its products and services often targeted by hackers.