China’s president painted a picture of openness and diplomacy, but cyber activity that seems to come from the country indicate Chinese hackers pose a threat. Credit: Zachary Harden Australia is the latest country to have its national intelligence entity, “Australian Security Intelligence Organisation (ASIO), issue a warning about nation states’ activities within their area of remit.“Espionage and foreign interference is an insidious threat — activities that appear to be relatively harmless today can have significant future consequences,” wrote Duncan Lewis, director general of ASIO, in the forward of ASIO’s annual report. Lewis also noted how “espionage, foreign interference, cyber and malicious insider-related activities” continue to threaten the national security of Australia.With respect to cyber espionage, the Australian Cyber Security Center (ACSC) has “regularly observed” activity targeting the networks of the Australian government. And just a few days ago, Australia’s minister for defense industry, Christopher Pyne, confirmed in a Reuters article that 30 gigabytes of data was stolen from a defense contractor involved in the F-35 strike fighter program and the P-8 Poseidon surveillance plane. An Australian defense spokesperson said “no classified” information was compromised.What China does vs. what China saysAccording to the South China Morning Post, the hack was conducted by an entity using a tool called “China Chopper.” This tool is widely used by Chinese actors. Sadly, the Chinese didn’t need much acumen in this instance, as it was revealed that many of the services compromised still had default passwords and user-ids. While ASIO stepped over naming names in the annual report, one needs only go back a few months when Australia’s most senior defense department official, Dennis Richardson, admonished in a Reuters article, “It is no secret that China is very active in intelligence activities directed against us. It is more than cyber.”Moving forward to this week, on Oct. 18, China’s President Xi Jinping spoke for 3.5 hours at the 19th Communist Party of China’s National Congress on the state of affairs in China and to lay a few markers on the table around the country’s armed forces, ecological progress, law, openness and diplomacy. Of particular note, especially in light of the complete 180-degree contrast between what China says and what China does, are his comments surrounding openness and diplomacy.With respect to openness, Xi emphasized how China will not close its door to the world, and it will become more open. In addition, steps will be taken to ease access to China’s markets and protect foreign investors. Concerning diplomacy, he commented how China would never pursue development at the expense of others’ interests and how China’s development does not pose a threat to any nation. He continued, saying China is actively pursuing global partnerships and convergence of interests with other countries.Cyber threats posed by ChinaWhile China is speaking of openness and transparent relations, which will not pose a threat to any nation, the Sydney Morning Herald’s recent three-part expose on “China’s Operation Australia” paints a much more ominous picture. Indeed, the expose calls out the Chinese Communist Part for waging a covert campaign of influence in China. The expose further says China was working to infiltrate the political parties of Australia, and “ASIO feared the campaign was succeeding.”And that is just Australia. Couple this with the earlier call by German intelligence entities warning of the threat posed by China and Cyberscoop’s reporting on how the hacker group APT10, or MenuPass Group, continues to target entities in the U.S., EU and Japan in support of China’s national security goals. And then there’s the report from SecureWorks, describing how the “Bronze Butler” group conducted operations on behalf of China to infiltrate Japanese organizations for the purpose of exfiltrating intellectual property and confidential data. The group’s focus was on “networks involved in critical infrastructure, heavy industry, manufacturing and international relations.”While China is calling for regional stability and harmony, their actions remind companies and governments to keep their hand on both their wallet and their intellectual property. Related content news analysis China’s MSS using LinkedIn against the U.S. The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources. By Christopher Burgess Aug 31, 2018 4 mins Social Engineering Cybercrime Security news analysis Tesla insider with expired NDA spills the tech beans A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms. By Christopher Burgess Aug 30, 2018 3 mins Risk Management Security news analysis Horizon Air tragedy highlights airline insider threat vulnerability The ease at which a Horizon Air employee was able to steal and crash a Bombardier Q400 turboprop will likely prompt airlines to develop an insider threat mitigation strategy to close this vulnerability. By Christopher Burgess Aug 13, 2018 4 mins Security news analysis How did the TimeHop data breach happen? Compromise of an employee's credentials, lack of multi-factor authentication, and weak insider threat analysis all played a factor in the recent TimeHop data breach in which 21 million user accounts were compromised. By Christopher Burgess Aug 10, 2018 4 mins DLP Software Analytics Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe