Chinese Government Is Behind a Decade of Hacks On Software Companies, Says Report

An anonymous reader quotes a report from Ars Technica: Researchers said Chinese intelligence officers are behind almost a decade's worth of network intrusions that use advanced malware to penetrate software and gaming companies in the US, Europe, Russia, and elsewhere. The hackers have struck as recently as March in a campaign that used phishing emails in an attempt to access corporate-sensitive Office 365 and Gmail accounts. In the process, they made serious operational security errors that revealed key information about their targets and possible location. Researchers from various security organizations have used a variety of names to assign responsibility for the hacks, including LEAD, BARIUM, Wicked Panda, GREF, PassCV, Axiom, and Winnti. In many cases, the researchers assumed the groups were distinct and unaffiliated. According to a 49-page report published Thursday, all of the attacks are the work of Chinese government's intelligence apparatus, which the report's authors dub the Winnti Umbrella. Researchers from 401TRG, the threat research and analysis team at security company ProtectWise, based the attribution on common network infrastructure, tactics, techniques, and procedures used in the attacks as well as operational security mistakes that revealed the possible location of individual members.

Never mind all that, #RussianCollusion!!

[mi]

Don't let yourself be distracted, people — neither by electronic spying in TFA, nor by the other kind. The real and most prepossessing problem facing humanity in general and the US in particular is that a promiscuous man with bad hair is the President. #Resist!!

Re:Never mind all that, #RussianCollusion!!

It wouldn't be so bad except for the reality of what said bad-haired sexually perverse person has been doing. Including paying to hide the aforementioned out of so-called charitable dollars, encouraging hacking, spying, and other forms of crime to his own benefit, allowing individuals in his administration to be corrupt, incompetent, and abusive.

Really mi, do you think nobody pays attention to the actual rotten governance of the Trump administration just because somebody claims he opens meetings with a prayer? That would be dumb. Ironic, of course, since it was the Birther-in-Chief himself who spent years coming up with preposterous events to pretend to be outraged over, including allegations of Muslim prayer curtains in the press room.

Now, of course, when we document Trump's bumbling speech to his cheering crowd that would give him a trophy for wiping his ass with his bare hands, you want to ignore that and pretend you're suddenly concerned over how we've always been at war with EastAsia.

I guess you need to get back to you thirty-minute hate. But don't forget, Snowball betrayed the farm, he was seen with the two-legs.

Re:Never mind all that, #RussianCollusion!!

It's hard to admit you were conned, isn't it? That's a fundamental weakness in the human psyche.

We know your type. You were chanting along with the crowd when he asked 'who's going to pay for the wall'

Haha. And how's that really great healthcare plan coming? Oh and the infrastructure fund? Or perhaps the trillion dollars in new debt? It goes on and on doesn't it?

Haha. You got played by a known conman.

Re:Never mind all that, #RussianCollusion!!

I am American and many people are talking about Russian collusion is made up controversy by libtard leftists. How many years now of endless investigations, billions of the taxpayer dollars spent and NO RESULTS, not even one bit of evidence of any kind of contact. Their is NO COLLUSION and liberal demoncrats want to use this made up controversy to undermine amazing president trump (who solved the korea crisis and should be given nobel piece prize BTW). LOCK HER UP.

Re:Never mind all that, #RussianCollusion!!

Let me guess, your world is made up of rainbows and unicorns?

Millennial alert

Yes, China has been up to this sort of thing for many decades, and their government are the highest order of liars. They still send spies to our various institutions such as national laboratories, too. We are what we used to term 'ambivalent allies'. This is not news to most of us. Welcome to the realities of adult life. Somehow every single generation before your parents spoiled you for all time, managed to live our lives without wetting our pants, having temper tantrums, or insisting that the government make the entire world into a safe space due tour own personal shock or discomfort or inability tocope with the simplest of challenges. You can do the same, it's not too late to learn how to be a functional human being, but you'll have to give up your victimhood. You do not control nor are you the center of the universe. You control only yourself, and you could do about 1000 times better.

Re: Millennial alert

You write just like a millennial. Basic charlatan, acting like you know everything. Gigantic wall of text because you never learned about formatting. All you've learned in school was how to be a loudmouth jackass. Yup, you're a millennial.

Also, pants wetting is older than America, previous generations wet their pants and threw tantrums and begged for government intervention. None of that is new, none of it is unique to any generation.

Re:Millennial alert

Thankfully the US has never been caught with its hands in teh cookie jar spying on others? Oh.. it is OK they do it but not OK for others to spy in return?

Yes, China has been up to this sort of thing for many decades, and their government are the highest order of liars.

No one in the US has ever lied? never had a president in an impeachment process for lying? Interesting..

Re:Millennial alert

Thankfully the US has never been caught with its hands in the cookie jar spying on others. They did get called out over Stuxnet but I think that publicity was part of the plan. On the other hand China, Russia, and NK have been caught numerous times and publically called out. I am not saying all the accusations are true but the majority of them are basked up by evidence. So this means either the US does not conduct wide spread cyber attacks against it's enemies or the US is so damn good at that even China and Russia can't find enough evidence to make up a convincing lie.

Well there is no choice then

We'll just have to give tech companies hundreds of billions of dollars and millions of Indian contractors so they can secure there systems since they just don't don't have the money or expertise to do it themselves and they are just to important to let fail.

so what?

I mean, we here about this all the time, they go back and forth, nobody does anything and nothing comes from any of it.

Goats in the mountains smack their heads together too, in a similar vein these two incidents affect my life in equal manner.

Now if any one of them wants to actually take ANY form of action that would be interesting but since they are all just cock measuring each other with keyboards I am at a loss as to why I should care.

Btw, just exactly what am I supposed to be caring about here? Is this a new event? Can I build something with this information? Does this help me get more energy, filter my water, setup an AI to perform a task, reveal a new potential of possibility....or is this all just daytime drama like my fat momma used to love to watch with little to no purpose or point?

Did they finally find it?

[jennatalia]

The truth hidden in the pudding? Public knowledge vs actually having proof...

haxxy haxxy haxx0rz wif de haxxy haxxy haxx!

Welp, another clickbaity content-free crapticle I can safely skip. Thanks, BeauHD!

Re:haxxy haxxy haxx0rz wif de haxxy haxxy haxx!

[dcw3]

Welp, another clickbaity content-free crapticle I can safely skip. Thanks, BeauHD!

Sorry, it didn't fit your Chinese agenda?

Trump Gonna Kick Some Xi Ass!

And won't be nothin left but xit.

The tipoff

The tipoff was that their AI only speaks English.

Re:Vatican collusion & BAN BUMP STOCKS... apk

You are crazy cat-lady times two. Are you retarded or what? I can't believe someone as stupid as you appear to be can survive in real life.

Propaganda police

"Yes, China has been up to this sort of thing for many decades, and their government are the highest order of liars. "
Not sure how to evaluate given lying prevalence in most places but censorship seems like something liars would like for easier control.

Something wrong with the Asian moral compass?

Seriously, look at the history of prisoner atrocities commited by Asian captors. At some point you have to wonder what the fuck is wrong with these people.

Re:Something wrong with the Asian moral compass?

"The confederates are just part of our history, let's keep the statues"

Re:Something wrong with the Asian moral compass?

[Tablizer]

Kind of like the US treated Muslim captors?

Re:Something wrong with the Asian moral compass?

It's sad when truth is buried. Weak morons will point out of the parent. It's true. The Asian moral compass is fucked beyond explanation. Just look at what the Japanese did to prisoners in WW2. Look at what Chinse did to the same. Total depravity. Evil god damn people. Evil!

Chinese Hack to Steal Money

That's the difference between the Chinese and the United States. We hack in support of our national defense. The Chinese hack to steal the negotiating strategy of Coca Cola in their upcoming talks to acquire a drinks company or to steal the plans for new commercial aircraft designs from Boeing. Trump is right to hit them with Tariffs. The government of China is totalitarian and controlled by thieves and liars. It's high time that we began treating them as such.

Re:Chinese Hack to Steal Money

You hack to keep your boot on everybody elses neck. Tiny fraction of the world population trying to control everything. You do it because you know as soon as you loosen the boot the poor will rise up and crush you.

Re:Vatican collusion & BAN BUMP STOCKS... apk

your life must be so pathetic for you to pretend to be APK for kicks. sad really. doesn't take much to entertain yourself, does it? what's tha matter, watching pain dry too much for your little brain? grow up!

first 15 posts are all trolls

Holy cow. I'm posting this after 15 posts have appeared an all of them are flamers and trolls. not a single engaging post. Is this some sort of chinese response to supress coherent discussion. I have a hard time thinking this is actually a representative sampling of slashdot. No I'm not new here. I'm being serious. this is slightly alarming and in a way news itself.

Now to distinguish this post I'll add some content here.

It's easily noticed that many countries accused of harboring state sponsored weaponization of the internet are also very concerned about putting up great firewalls around their country to distinguish inside and outside activity. While this might be attributed to an inward looking means of controlling a population that could if riled threaten the state one can see it another way. The fear is two fold. Outside agitators stirring up hate of the state government. the other is industrial and military espionage. And the reason to really fear either of those is if you know a thing or two about how easy the internet makes those. the more recent news about facebook and fake news sort of gives one pause to think that there's likely some connection to be made between those notions.

I'm not giving the US a pass on the potential for using the internet for mischief but I haven't yet noticed any efforts to seal off the US from the world and control what is said. Yes the creeping corporate nature of the internet news services is doing that all by itself but it's not driven by the state (just enabled by Amit pai for his own greedy reasons).

On the otherhand one could also decide to respond to this by crippling all trafic originating outside the US destined for the US. It would not be hermetic. Troll farms can just move their servers stateside, and people can view web pages hosted in other countries. But I probably would allow things to be more tracebale and if need be corralled or removed.

The US largely see a free internet as benefiting it's own economics, thus completely encicling the US with a great firewall would be a bad idea. But the economic benefits are also be true of other countries and will only become more dominant a concern. So punishment by IP address ostracism actually could be effective.

Re: first 15 posts are all trolls

[DNS-and-BIND]

You're nuts if you think the slender resources of foreign countries will be spent on a worthless platform like Slashdot. Nobody of consequence reads it, and its reach is tiny. The real tragedy is that people believe any opposition must be *those dirty foreigners*. It's the Red Scare all over again. People are seeing dirty foreigners under the bed. It's sad, I thought we had progressed long past this. :(

Re: first 15 posts are all trolls

They aren't going after Slashdot itself, just US discussions in general.
So yeah theu would. It's a drop im the bucket.

You act like they pay well...it's do the work or get killed.

Re: first 15 posts are all trolls

No Russians you say?
Do you Ivans even do irony?

Re:first 15 posts are all trolls

[currently_awake]

America desperately needs a unified network defence, preferably run by experts and with a large budget. Think NSA but dedicated to protecting America instead of hacking everyone. I realize the NSA was actually set up for this task, but they have deserted their post in the face of the enemy, and only work on offense now.

Re: first 15 posts are all trolls

watch all the tin-foil hat types posting about the "50 cent" army or whatever they call it.

it is like those nut jobs who drive up to aera 51 and are asked to leave.. then they post the video's on youtube about how they "infiltrated" area 51.
Self important, they think they spotted the "chinese propaganda agents" which are really just people who dont agree with them.
While it is possible some PLA people read this, it is highly unlikely as they have bigger and better things to do.

https://en.wikipedia.org/wiki/... plus some self-important views held by others.

Re: first 15 posts are all trolls

[Reverend+Green]

You tell 'em, Comrade Li Feng! There is absolutely no such thing as a Chinese fifty cent army!

Emperor Xi always pays us in renminbi...

Re: first 15 posts are all trolls

Yes, please help me. I don't want to post here but if I don't the Chinese government literally kill me !!

The trully sad part is the rather large number of Americans that think the above statement is true.

Re: first 15 posts are all trolls

Is funny in Russian, yes?

Re:first 15 posts are all trolls

No, the NSA was never set up for that task. You need to read a little bit of their history before making stupid statements.

Re: first 15 posts are all trolls

Grow up, move out of your parents basement and get a life.

Re: first 15 posts are all trolls

Get real, bro. Not all, or even most, Slashdot readers live in their parents basements. Some of us live high above the city in preposterous luxury.

How did they attribute the attack?

Besides one block of ip address assigned to China unicom, what other evidence do they have? Is it simply because many targets were political attacks?

Re:How did they attribute the attack?

[dcw3]

Besides one block of ip address assigned to China unicom, what other evidence do they have? Is it simply because many targets were political attacks?

What evidence do we have that you're not a Chinese troll?

CHina and RUssia are at war with the west

[WindBourne]

This is not surprising. Anybody who is surprised by this is either an idiot, or one of those that work for these gov and are simply lying about it.
Yes, they are hitting the west VERY HARD. The amount of spying going on here is incredible.
Trump has it right in finally addressing CHina's economic war on America. Sadly, he is speaking about it, but really doing very little.
BUT, when he goes after allies at the same time, esp when they are NOT dumping on us, that is just insane.

It is time for the gov to start putting up real national security (i.e. go back to FBI doing the background checks), do decent checks on sub-contractors. etc.

Re:CHina and RUssia are at war with the west

WHy CHina, RUssia ARe AT WAr WIth AMerica? SEe A PAttern HEre?

Re:CHina and RUssia are at war with the west

[Tablizer]

I'm sure the US gov't hacks into their military-related affairs. But theirs goes beyond military-related.

Re:CHina and RUssia are at war with the west

[HiThere]

I don't disbelieve the story, at all, but I still think you misunderstand it. Countries have no permanent allies. They are ALL ruled by self-seeking power-hungry individuals. (If they weren't like that, they would never have reached the top. The techniques differ, but not the goals.) And they all spy on each other in any way that won't be too blatant, and especially in any way that's deniable.
Please Note: I am not excepting the US. We've been caught at this several times.

This isn't war, this is the continuation of diplomacy by normal means as has been practiced throughout history. It doesn't approach war until the actions escalate to include sabotage..even then it's only a close approach. When the US sabotaged an adversaries nuclear refineries, that wasn't quite war. Very close, but not quite. If umbrage had been taken it could easily have escalated to war. And that that was a US endeavor hasn't really been seriously denied. So don't get on a high horse.

Re:CHina and RUssia are at war with the west

Yes, that will help, more government bureaucracy.
Who will be left to stand up to all of America's spying and abuse of everyone else?

Well, your "reports" say alot of crazy things

and as always there is no solid evidence. They are just accusations that focus on a goal that is on the agenda. These days it's to accuse China and Russia for doing things they've never done, that you've done yourself for many years, and then accuse anyone of pointing out your hypocrisy for engaging in "whataboutism".

Nobody believes you any more.

Re:Well, your "reports" say alot of crazy things

[dcw3]

Nobody believes you any more."

Nobody believes ACs aren't here trolling the forum on behalf of some nation states.

Weird Timing

[tinkerton]

The timing of this is weird. First we had terrorists which were the worst problem. Now the terrorism problem is maybe 100 times worse but now the Russians are taking over the world. Shouldn't we be giving it a bit more time before raising the Chinese to first enemy? I mean we haven't gotten the message yet 'never mind the russians here is the *real* enemy!'

Re:Weird Timing

Hmm, you forgot to mention that North Korea is now our best buddy!

Re:Weird Timing

The answer is plain and simple: There can be multiple kinds of 'battles' with multiple fronts and with different kinds of enemies. On top of external threads there may also be internal ones. Because in the end none of these things are mutually exclusive. Everyone is on their own and usually sees to their own interests first.

You'd think China wouldn't throw Russia under the bus if it means it could benefit them. Just because the West is a common competitor doesn't really make them friends or even allies in every situation. The West is also one of the most important customers of China, while Russia as long as they don't open up their resources for Chinese exploitation isn't really of that much importance to them. A similar thing goes for the relationship between the US and EU and that was true even before Trump stated "America first". If you want to go even further the same is true for nations in the EU. Or states in the US or even much smaller countries like in Europe.

Re:Weird Timing

[tinkerton]

When I'm being told I have to give up my rights to enable a fight against a huge danger: the terrorists, and then all kinds of things are done with a side effect to increase the number massively, and then it's not such a problem anymore, then I'm not inclined to have any trust in claims that now Russia is the big boogeyman, and then China.

There is a war in Afghanistan for 16 years now, but I'm told there is nothing to see there.

Re:Weird Timing

[currently_awake]

America doesn't have a Terrorist problem. The number of Americans killed or wounded by terrorists world wide is close enough to zero to be a rounding error. China as "The Enemy!" can't wait, their economy is about to overtake the USA as bigest in the world, there are lots of dollars at stake.

Re:Weird Timing

You could make the same argument for gun deaths.

Re: Weird Timing

[Reverend+Green]

Disarm the commoners!!!!!1!1!111!!!!!

Re:Weird Timing

[crimson+tsunami]

Too late.

Mod up insightful parent

insightful

Any evidence on Huawei yet?

Just being rhetorical, we know they don't have anything (or won't publish anything) on Huawei.

Re: Vatican collusion & BAN BUMP STOCKS... apk

Wow fake APK is back. What a fag.

Re: Vatican collusion & BAN BUMP STOCKS... apk

[bestweasel]

"UNIDENTIFIABLE WEASELS"

Hey, watch it with the racial insults.

Report is buy a bunch of capital investment firms

If you follow the links you'll find that these people:

https://www.protectwise.com/company/

authored the report. Sounds quite fishy to me.

Re:crush 'em

[HiThere]

I think you misunderstand the economic realities, but, yes, if you want to protect yourself against the Chinese, those are reasonable actions. Unfortunately, it would be wise to secure your utility networks, etc. before action. And economically it would probably hurt the US a lot more than it hurt China. If you default on Chinese held securities your credit rating with everyone else will quickly drop to ZZZ, or less unless you've got solid grounds that THEY will accept. Even the less extreme action of freezing them until some "adjustment" is made would be likely to wreck your credit unless there is some exceptionally good reason with solid proof. And this isn't it.

BULLSHIT

BULLSHIT PROPAGANDA.

North Korea

For these ten years, in order to maintain a working relationship with a bully, the US and their propaganda machine (the Mainstream Media) would blame North Korea (LOL) or some vague, nefarious nation-state. If the US wasn't directly responsible for the hacks themselves, the "nation-state of the day" would be used to remove any responsibility for the poor security practices employed by major firms (yahoo and others).

Re:Don't be a cuck!

[MoaDweeb]

Punch a Nazi win a prize. I hope he goes down.

Only for a decade?

So they are like, 2-3 decades behind the NSA? Surely they aren't THAT incompetent.

General Melchett

[crimson+tsunami]

These spy stories always remind me of this Blackadder scene.

Captain Darling:
So you see, Blackadder, Field Marshall Haig is most anxious to eliminate all these German spies.

General Melchett:
Filthy hun weasels, fighting their dirty underhand war!

Captain Darling:
And fortunately, one of our spies...

General Melchett:
Splendid fellows, brave heroes risking life and limb for Blighty!

Re:Libtard Nuts

[dcw3]

Who the hell modded this tripe up???

Are we allowed to talk about this??

[ckatko]

For a year, Slashdot has basically been a Trump and Russia bandwagon while completely ignoring the countless examples of China using nation-state sponsered hacks to steal BILLIONS in tech, weapons, and nuclear secrets while everyone in the media, congress, and Slashdot goes "russia! russia! russia!"

So, are we finally allowed to talk about the fact that China actually has a war machine "at parity" with the US military (and Russia doesn't), and that they make up over half of all internet attacks? (Russia doesn't.) And they literally were caught red handed directly financing a political party in the 90's nicknamed "Chinagate" and actual people went to jail? Oh, wait, but that was Bill Clinton and the Democratic party. I'm sorry. Please... I'm so sorry.

Re:Are we allowed to talk about this??

It's obvious that Trump was Russia's candidate.

It's equally as obvious that Clinton was China's candidate.

This is the way the Roman Empire played out.

Not just software companies

[DaMattster]

The Chinese go after anything with an open SSH port. On my server, I have no less than 500 Chinese IP addresses sitting on a ban list. My server is nothing exciting either. It just hosts my email and a blog - they have absolutely no information to gain whatsoever. They may even be trying to bruteforce my server in an attempt to assimilate it into a bot net. Well good luck, commies. I run OpenBSD. You'll have better luck moving on ...

Chinese Hacking for the Holidays

Like most: not surprised. A coo-worker used to work at a "big ten" university. Every major holiday remote exploits from Asia would go through the roof. I guess they thought faculty would be at home unawares..

Re:Chinese Hacking for the Holidays

[CaffeinatedBacon]

Or all the bored hackers with the day off pretending to be from China.

big fucking wow

shocking article...lol. You have to be living in a cave if you think this is new.