Thursday, March 28, 2024

Industrial Hacking Isn’t Just Made In China

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

‘UglyGorilla’ represents the latest trend in global business.

Mr. Gorilla, who also goes by the name Wang Dong, is one of the three Chinese hackersnamed by a US security firm this week as being involved in a massive cybertheft operation. The other two are “Superhard” (Mei Qiang) and “Raith.” (“Raith”? What kind of a boring hacker name is that?)

The security company Mandiant this week published a 74-page reportthat revealed previously unknown details about alleged Chinese government hacking. Specifically, the report claims to have learned that a specific unit of China’s Army has stolen information from 141 companies (most of them American companies) since 2006.

Chinese officials deny the allegations.

If the Mandiant report is accurate, the three hackers work for an organization called APT1, which is really a unit of China’s People’s Liberation Army (PLA) called Unit 61398. (Another possibility is that APT1 is an outside hacker group directed by the Chinese Army unit.)

Either way, Mandiant claims to have traced massive hack attacks involving terabytes of stolen data back to an unfashionable district of Shanghai where PLA Unit 61398 operates from this shabby, heavily fortified 12-story building.

(BBC reporters trying to video footage of the building yesterday were detained by guards and forced to hand over their videos.)

That building, according to top notch guesswork by Mandiant, employs not just UglyGorilla, Superhard and Raith, but hundreds or thousands of other English-speaking computer, security and hacking experts whose full-time job is to break into the networks of foreign companies, US defense contractors and foreign government agencies in order to steal whatever they can and use it for whatever purposes help the rise of China as an economic and military power.

Presumably, stolen trade secrets are handed over to Chinese companies to give them an advantage over their foreign rivals.

For example, when Google was hacked by the Chinese government (allegedly) nearly four years ago, presumably the “trade secrets” alleged by Google to have been compromised in the attack were handed over to the Chinese alternative to Google Search, called Baidu.

(We can also fear that China is trying to hack KFC to learn exactly what those 11 herbs and spices are and also gain unfair access to Victoria’s secret.)

It’s not clear what the connection is between the ongoing hack attacks alleged by Mandiant and past Chinese programs for stealing secrets, including Operation Shady Rat, Operation Night Dragon and Operation Aurora. (Aurora? What kind of boring hacker operation name is that?)

The Mandiant report didn’t provide new Big Picture information. There is widespread suspicion that the Chinese government is deeply involved in not only cyber espionage, but also industrial espionage in order to use the intellectual property of foreign companies against those very companies to give Chinese companies and economy an unfair advantage. But the Mandiant report did provide a slew of new details, including who, where and how they do it. Allegedly.

In recent weeks, news reports of hacks originating in China have been numerous.

Major newspapers in the United States, including The New York Times, The Wall Street Journal, The Washington Post and BloomBerg report being hacked, and information and internal communication focusing on stories about China have been stolen.

China isn’t alone in hacking and cyber industrial espionage, of course.

Tech companies have been hacked recently. Twitter reported recently that the personal profiles of about 250,000 Twitter users were compromised. Facebook and Apple were hacked. Both claim employee laptops were compromised but no data stolen.

A controversy is brewing as to whether the Facebook and Apple hacks originated in China or from Eastern European organized crime syndicates, but it’s probably the latter.

All these attacks appear to have originated with malware spread on the site iPhoneDevSDK, an iPhone developer message board.

And Burger King’s and Jeep’s Twitter feeds were allegedly taken over this week for more than an hour by a hacker named Tony “iThug” Cunha, according to Gizmodo.

Thousands of Twitter users watched the Burger King hack unfold, as “iThug” used hacker lingo to joke on the @BurgerKing Twitter account that McDonald’s had acquired Burger King. It was a public spectacle and, as a result, Burger King’s Twitter following grew by 30%.

After being shut down by Twitter for about 12 hours, the Twitter account came back online. The first thing BurgerKing tweeted was: “Welcome to all our new followers. Hope you stick around!”

Some accused Burger King of orchestrating the hack to gain publicity and Twitter followers. There’s no evidence for that. But it’s easy to see how orchestrating a fake hack could become a new method for getting viral publicity.

In fact, the Viacom cable stations MTV and BET did exactly that almost immediately after the iThug hack of Burger King. Just hours after Burger King came back online, the Twitter feeds of MTV and BET, were “hacked” in a faked and orchestrated hack attack.

After the Burger King hack but before the MTV fake hack, MTV’s social media manager tweeted: “Is there any real downside to the @BurgerKing hack? Mistake leaving the account suspended all day, would have seen a nice follower windfall.”

An hour after MTV started their fake attack, they fessed up and admitted the whole thing was a publicity stunt.

But what’s to stop other companies from faking hacks and not admitting they were fake? Only their “ethics.”

You can be sure that fake hack attacks on social media will occur as long as there are benefits to be gained.

The good news in all this is that all these hackers are pretty incompetent, according to reports. Even Mr. Gorilla and his colleagues are revealed to use sloppy hacking methods.

The bad news is that American companies are laughably easy to hack.

The timing of all this couldn’t be better for Google’s former CEO Eric Schmidt, who’s got a new book coming out April 23 called “The New Digital Age: Reshaping the Future of People, Nations and Business.”

Schmidt and his co-author Jared Cohen say flatly that the Chinese government is “the most sophisticated and prolific” hacker of foreign companies and that China’s aggressive policy of stealing information from foreign businesses will leave the United States “disadvantaged economically” because of the American sense of “fair play.”

So welcome to the new digital age. Cyber warfare, industrial espionage and state-sponsored hacking are suddenly just business as usual.

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles