Industrial Espionage? Not China!
"For this level of sophistication it's not a criminal group. It is a government that has capabilities that can do this kind of attack."
"Right now we're still tracking them. On Saturday we debriefed more than 25 different telcos, the biggest telcos in the world."
"They built a perfect espionage environment. They could grab information as they please on the targets that they are interested in."
"This time as opposed to in the past, we are sure enough to say that the attack originated in China."
"We managed to find not just one piece of software, we managed to find more than five different tools that this specific group used."
Lior Div, CEO, Cybereason
"Commodities made overseas from U.S.-origin technology are only subject to the entity list prohibitions if the technology and commodity are sensitive items controlled for 'national security' reasons."
"But a commodity made overseas from less-sensitive U.S.-origin technology is not subject to the entity list prohibitions."
Kevin Wolf, former head, export control section, U.S. Commerce Department
"SIA companies are committed to rigorous compliance with U.S. export control regulations. As we have discussed with the U.S. government, it is now clear some items may be supplied to Huawei consistent with the Entity List and applicable regulations."
Semiconductor Industry Association trade group
"Micron will continue to comply with all government and legal requirements just as we do in all our operations globally."
"Of course we cannot predict whether additional government actions may further impact our ability to ship to Huawei."
Sanjay Mehrotra, Micron chief executive
Telecommunications workers install an Ericsson new 5G antenna system in downtown San Diego on April 23. Ericsson fought a 'pervasive,' yearslong battle against hackers. (Mike Blake/Reuters) |
The Cloud Hopper global hacking campaign attributed to China (by the United States and its Western allies) has been identified in cyber intrusions into eight of the world's largest technology service providers. Clearly, the hackers employed by China's Ministry of State Security meant to purloin commercial secrets from the service providers' clients. An elaborate operation to lift Western intellectual property for the advancement of China's economic interests was outlined in a U.S. indictment in December.
At that time a Reuters report identified Hewlett Packard Enterprise and IBM; now six other technology service providers have been identified as among those compromised: Fujitsu, Tata Consultancy Services, NTT Data Dimension Data, Computer Sciences Corporation and DXC Technology. Over a dozen clients of the service providers were identified as having been victimized; a list inclusive of Swedish telecoms giant Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries and Sabre, the travel reservation system.
A building registered to Huaying Haitai Science and Technology Development Co., second from left, is shown in Tianjin, China. The company is the alleged employer of two Chinese nationals indicted by the United States on hacking charges. (Thomas Peter/Reuters) |
Beijing denies all such accusations that it could have been involved in hacking. According to the Chinese Foreign Ministry, cyber-enabled industrial espionage is vehemently and conscientiously opposed by Beijing, to such thuggish manoeuvres. "The Chinese government has never in any form participated in or supported any person to carry out the theft of commercial secrets." A group known as APT10 in the face of a counter-offensive by security specialists and despite a 2015 U.S.-China pact to refrain from such espionage, has continued to engage in them.
The U.S. indicted two members of APT10 on charges of conspiracy to commit computer intrusions, wire fraud and aggravated identity theft. Should they ever at some unspecified time in the unlikely future be handed over to American authorities, the two members, Zhu Hua and Zhang Shilong, would face up to 27 years in a U.S. prison. "This was a sustained series of attacks with a devastating impact", former director of Britain's GCHQ signals intelligence agency, Robert Hannigan stated.
Despite which, American technology companies have resumed the sales of products to Huawei Technologies Co. Despite its inclusion on a Trump administration blacklist and that the U.S. Commerce Department added Huawei to an entity list, designed to bar Huawei from purchasing American components and software, aiding Beijing in espionage -- not to mention the security threat involved. The U.S. tech giants operate all over the world, owning plants in Singapore, Japan and Taiwan as well as factories in China.
Huntington Ingalls feared hackers accessed data from its biggest operation, the Newport News shipyard where it builds nuclear-powered subs. It’s not clear if data was stolen. (John Whalen/U.S. Navy/Huntington Ingalls/Reuters) |
These companies can legally continue exporting some of their products to Huawei, but are prohibited from providing post-sales support such as software updates, engage in repairs or help with installation. While a product can be shipped from Taiwan to China, information on software repairs or assistance from Silicon Valley will be withheld by law, representing a significant handicap to the buyer.
"...The extent of Huawei’s military ties remains a topic of intense scrutiny in the U.S. because of the role the PLA [Peoples Liberation Army] has had in issues ranging from ratcheting up tensions in the South China Sea to alleged acts of state-sponsored hacking. Its opaque operations and far-reaching powers in a country obsessed with stability have also raised concerns. Chairmanship of the Central Military Commission is often thought to be key to maintaining power in the country, which is why Xi Jinping and his predecessors were appointed heads of the body. The leader has doubled down on a policy dubbed “civil-military integration,” which aims to harness technology for military purposes. Beijing has thus encouraged greater participation from private companies in the defence sector."
Wall Street Journal
Labels: China, Cyber Espionage, Huawei, Industrial Security, United States
<< Home