Security

How China hacked US telecommunications networks

Lily Newman of WIRED has been researching stories about Goldberg at the RSA Conference in San Francisco this week. RSA is the biggest technology conference in the world. Another warning from RSA is that as ransomware becomes less profitable, attackers may turn to business email compromise (BEC) to make money; BEC attacks are already highly profitable.

Also this week, dark-web marketplace AlphaBay will finish its quest to return to the top of the online underworld. This dark web site hosted more than 350,000 products ranging from drugs to cybercrime services. It was removed from the dark web in July 2017 through an extensive law enforcement operation.

Despite this incident, AlphaBay's second-in-command, a celebrity actor known as DeSnake, survived and reopened the site last year. Now AlphaBay is experiencing rapid growth and is poised to regain its position as a leader in the dark web.

The Chinese government has used state-sponsored hackers to attack a wide range of communications technologies, from mobile devices to large telecom networks, in the past two years, according to the NSA, FBI, and Cybersecurity and Infrastructure Security Agency (CISA), which published a security advisory this week describing a 'widespread' hacking attack.

Since 2020, Chinese-backed actors have exploited publicly known software flaws in hardware, and they have incorporated compromised hardware into their own attack infrastructure. The attacks typically consisted of five steps, according to US agencies.

First, Chinese hackers would scan for vulnerabilities in networks using publicly available tools. They would then gain access through online services, retrieve user credentials from the system, gain access to routers and copy network traffic, and finally 'exfiltrate' the victim's data.

The agencies assert in their joint advisory that exploiting these vulnerabilities allowed the actors to establish broad infrastructure networks in order to target a wide range of public and private sector targets.

Since the start of the conflict in Ukraine, Russia has experienced unprecedented levels of hacker activity. Now that more than 100 days have elapsed since the start of the war, tensions are increasing over cyber activity. Russia's Foreign Ministry announced on June 9 that its critical infrastructure and government bodies have been targeted by cyberattacks, warning that this could lead to a military confrontation with the West.

The Foreign Ministry said in a statement that 'the militarization of the information space by the West and attempts to turn it into an arena of interstate conflict have greatly increased the risk of a direct clash with unpredictable repercussions.' As soon as Russian troops entered Ukraine, concerns were raised about the possibility of escalation if people outside of Ukraine were involved in cyberattacks against Russia. Sky News reported last week that US military hackers have been engaged in offensive operations that support Ukraine.
