Security Firms Say Chinese Hackers Behind US Ransomware Attacks

An anonymous reader writes: According to four leading security firms, some of the recent ransomware attacks against U.S. companies have been performed by hacking groups working at the behest of China's government. From the report, "Security firms Attack Research, InGuardians and G-C Partners, said they had separately investigated three other similar ransomware attacks since December. Although they cannot be positive, the companies concluded that all were the work of a known advanced threat group from China."

Re:How does this make sense?

[valsmithar]

I'm going to put out a blog post soon to give more detail, but essentially it is private contractors who used to work with the PLA and are now under-employed trying to make money on the side. At least that is my theory.

Re:I wonder...

[valsmithar]

That is a valid question, and often the case. In our case however we are 11 full time and another 6 or so part time people. We have a building, and locations in several states. You can, for example, look up our papers published by blackhat, defcon, etc. to see more than just what we post on our blog. Here is one of my old favorites: https://www.defcon.org/images/... I know at least one of the other companies, InGuardians, is roughly similar in size, and many of its people were foundational contributors to things such as SANS. Dell Secureworks is one of the pre-eminent security organizations in the world and are a very large group V.