Chinese Government Is Behind a Decade of Hacks On Software Companies, Says Report (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: Researchers said Chinese intelligence officers are behind almost a decade's worth of network intrusions that use advanced malware to penetrate software and gaming companies in the US, Europe, Russia, and elsewhere. The hackers have struck as recently as March in a campaign that used phishing emails in an attempt to access corporate-sensitive Office 365 and Gmail accounts. In the process, they made serious operational security errors that revealed key information about their targets and possible location. Researchers from various security organizations have used a variety of names to assign responsibility for the hacks, including LEAD, BARIUM, Wicked Panda, GREF, PassCV, Axiom, and Winnti. In many cases, the researchers assumed the groups were distinct and unaffiliated. According to a 49-page report published Thursday, all of the attacks are the work of the Chinese government's intelligence apparatus, which the report's authors dub the Winnti Umbrella. Researchers from 401TRG, the threat research and analysis team at security company ProtectWise, based the attribution on common network infrastructure, tactics, techniques, and procedures used in the attacks as well as operational security mistakes that revealed the possible location of individual members.
Holy cow. I'm posting this after 15 posts have appeared and all of them are flamers and trolls. Not a single engaging post. Is this some sort of Chinese response to suppress coherent discussion? I have a hard time thinking this is actually a representative sampling of Slashdot. No, I'm not new here. I'm being serious. This is slightly alarming and in a way news itself.
Now to distinguish this post I'll add some content here.
It's easily noticed that many countries accused of harboring state-sponsored weaponization of the internet are also very concerned about putting up great firewalls around their country to distinguish inside and outside activity. While this might be attributed to an inward-looking means of controlling a population that could, if riled, threaten the state, one can see it another way. The fear is twofold. Outside agitators stirring up hate of the state government. The other is industrial and military espionage. And the reason to really fear either of those is if you know a thing or two about how easy the internet makes those. The more recent news about Facebook and fake news sort of gives one pause to think that there's likely some connection to be made between those notions.
I'm not giving the US a pass on the potential for using the internet for mischief, but I haven't yet noticed any efforts to seal off the US from the world and control what is said. Yes, the creeping corporate nature of the internet news services is doing that all by itself, but it's not driven by the state (just enabled by Ajit Pai for his own greedy reasons).
On the other hand, one could also decide to respond to this by crippling all traffic originating outside the US destined for the US. It would not be hermetic. Troll farms can just move their servers stateside, and people can view web pages hosted in other countries. But I probably would allow things to be more traceable and if need be corralled or removed.
The US largely sees a free internet as benefiting its own economics, thus completely encircling the US with a great firewall would be a bad idea. But the economic benefits are also true of other countries and will only become more dominant a concern. So punishment by IP address ostracism actually could be effective.
This is not surprising. Anybody who is surprised by this is either an idiot, or one of those that work for these gov and are simply lying about it.
Yes, they are hitting the west VERY HARD. The amount of spying going on here is incredible.
Trump has it right in finally addressing China's economic war on America. Sadly, he is speaking about it, but really doing very little.
BUT, when he goes after allies at the same time, esp when they are NOT dumping on us, that is just insane.
It is time for the gov to start putting up real national security (i.e. go back to FBI doing the background checks), do decent checks on sub-contractors, etc.
I prefer the "u" in honour as it seems to be missing these days.