Hackers for sale: what we've learned from China's massive cyber leak
(www.theguardian.com)
from Bebo@literature.cafe to technology@lemmy.world on 26 Feb 2024 10:43
https://literature.cafe/post/7332866
from Bebo@literature.cafe to technology@lemmy.world on 26 Feb 2024 10:43
https://literature.cafe/post/7332866
A massive data leak from a Chinese cybersecurity firm has offered a rare glimpse into the inner workings of Beijing-linked hackers. Analysts say the leak is a treasure-trove of intel into the day-to-day operations of China’s hacking programme, which the FBI says is the biggest of any country.
threaded - newest
This is the best summary I could come up with:
Government agencies of China’s neighbours, including Kyrgyzstan, Thailand, Cambodia, Mongolia and Vietnam, had websites or email servers compromised, the leak revealed.
I-Soon staff also boasted in leaked chats that they secured access to telecom service providers in Pakistan, Kazakhstan, Mongolia, Thailand and Malaysia, among others.
Judging from the leaks, most of I-Soon’s customers were provincial or local police departments – as well as province-level state security agencies responsible for protecting the Communist party from perceived threats to its rule.
In their chats, I-Soon staffers told colleagues their main focuses were making “trojan horses” – malware disguised as legitimate software that allows hackers access to private data – and building databases of personal information.
Employees’ chats are full of complaints about office politics, lack of basic tech expertise, poor pay and management, and the challenges the company faced in securing clients.
And in another leaked chat, a staffer complained to their colleague that their boss had recently bought a car worth over 1m yuan ($139,000) instead of giving their team a pay rise.
The original article contains 715 words, the summary contains 172 words. Saved 76%. I’m a bot and I’m open source!
“America says other country hacks more than America.”
The United States is woefully behind in almost every area of cybersecurity both defensive and offensive. While the FBI is quoted here, the international cybersecurity community would most likely agree. China has more bodies than Russia and is able to field a larger presence. The NSA is a shell of what it once was and the ability of the US to pull of something like Stuxnet again would only be possible through allies like Israel.
.
The DoD’s initiatives are coming way too late. Private industry is much more lucrative and without a pipeline like, say, Unit 8200, there’s no hook to pull people in. Thirty years ago when the NSA controlled the entire stack, math to hardware to code, it was a different story. In undergrad I regularly attended lectures by mathematicians who were finally able to talk about combinatorics problems that had been classified for 20+ yr. The genie is out of the bottle.
I’m in cybersecurity and voraciously consume everything related to it. I’d be really curious to know what you’re reading that says the US is capable of anything beyond social engineering.
Edit: really good example is the rampant infiltration of malware into critical infrastructure in the US, something that would have been unheard of until the late 90s/early 00s. Hell, the Silk Road was only taken down via social engineering and gross misconduct was completely missed.
.
That’s okay! The literature and the international cybersecurity community explicitly disagree with your naive assessment that “billions means we have capabilities” and the total lack of defense for critical infrastructure highlights how all of that is spent poorly. I don’t need to go out of my way to try and convince someone on a government contract doing nothing because neat attacks like the Colonial Pipeline and Pegasus prove my point!
.
While more money has been thrown at the problem, the US still lacks the people. Quantity has a benefit over quality here if you have 1 blue force for every 15 red forces. Cyber attackers only need to get an exploit running once for success. Defenders need to stop exploits every single time.
Add on to that very strict requirements for US persons to be able to legally conduct offensive cyber actions (clearances) and relatively low pay compared to security research or information security careers, you quickly get to a point where you take what you can get, especially when you’re down to 76% of your ideal manpower
breakingdefense.com/…/how-dod-is-thinking-outside…