Western governments struggle to coordinate response to Chinese hacking | China

[Pelican Press 0]

Western governments struggle to coordinate response to ******** hacking | China

With the announcement that the *** government would be imposing sanctions on two individuals and one entity accused of targeting – without success – *** parliamentarians in cyber-attacks in 2021, the phrase “tip of the iceberg” comes to mind. But that would underestimate the iceberg.

James Cleverly, the home secretary, said the sanctions were a sign that “targeting our elected representatives and electoral processes will never go unchallenged”.

But some experts saw it as a sign that the *** had been pushed into a corner by a decision in Washington to indict seven individuals associated with the hacking outfit known as APT31, who are

This is the hidden content, please

• Sign In
• or
• Sign Up

engaging in a “prolific global hacking operation” that sent more than 10,000 malicious emails to politicians, officials, journalists and critics of China across several continents.

The sanctions “won’t make a ****** bit of difference” to the ***’s cybersecurity, according to Alan Woodward, a professor of cybersecurity at the University of Surrey, who said they were “the equivalent of sending a stiffly worded letter”. The *** government “have got to say something because the Americans are saying something, but still don’t want to upset the ********”.

The government revealed the historical hacking attempts on the same day that it pointed the finger at a “******** state-affiliated entity” for compromising the Electoral Commission’s systems between 2021 and 2022. The ******** embassy in London said the ***’s statement was “completely unfounded and constitutes malicious slander”. But the *** did not accuse any of the sanctioned entities of being involved in that breach. The government has “conflated two separate issues in a way that is quite confusing to the general public”, said Jamie MacColl, a research fellow in cybersecurity at the Royal ******* Services Institute thinktank.

Part of the reason that the ***’s response is seen by some as being weak and confusing is that ******** hacking attempts are not isolated events. Rather, they constitute the ecosystem in which all western governments must navigate their relationships with Beijing. In a report published on 27 March,

This is the hidden content, please

• Sign In
• or
• Sign Up

said China “continues to lead the way for government-backed exploitation”. APT31 alone has been linked to hacks in

This is the hidden content, please

• Sign In
• or
• Sign Up

,

This is the hidden content, please

• Sign In
• or
• Sign Up

and of

This is the hidden content, please

• Sign In
• or
• Sign Up

, while New Zealand said

This is the hidden content, please

• Sign In
• or
• Sign Up

that another well-known ******** hacking outfit, APT40, attacked its parliament in 2021 (the ******** embassy in New Zealand denied the allegations).

A recent ***** of data from the ******** cybersecurity firm iSoon revealed the extent to which China’s hackers for hire compete for government contracts, sometimes hoovering up data from foreign agencies on spec with the hope of selling it to the highest bidder. In the case of APT31, the US Department of Justice alleges that the hacking operation was directly run by a provincial department of China’s ministry of state security.

But in general, said Mei Danowski, a China cybersecurity expert and author of the

This is the hidden content, please

• Sign In
• or
• Sign Up

newsletter, nearly every cybersecurity firm in China would have some sort of contract with government clients. With a cybersecurity industry worth an estimated $13bn (£10.3bn), that is a lot of potential hackers.

That leaves western governments struggling to coordinate an effective response to hacks or hacking attempts. In many cases, the ******** government has plausible deniability about responsibility, and it is not always clear what the impact of data breaches are. Audrye Wong, an assistant professor at the University of Southern California, said that while Russian-based hacks often “sow discord and chaos”, China was “more cautious” and “still very much cares about shaping perceptions of China and the ******** ********** party”. Many western international security experts refer to the maxim that while Russia may be the storm, China is climate change.

Danowski says that since the US

This is the hidden content, please

• Sign In
• or
• Sign Up

hackers associated with a company called Chengdu 404 in 2020, its business operations in China have carried on as normal, suggesting that the “name and shame” tactic adopted by the US and the *** this week may be symbolic at best.

And while China says it has “no interest or need to meddle in the ***’s internal affairs”, some cybersecurity experts note that gathering information on foreign states is the bread and butter of every country’s intelligence operations – in other words, spies spy.

Reuters recently

This is the hidden content, please

• Sign In
• or
• Sign Up

that Donald Trump, while president, had authorised a covert CIA operation on ******** social media to turn ******** public opinion against Beijing, in an operation that may still be active. If ******** cyber-attacks lead to “the harassment of dissidents, I could see why sanctions would be justified”, said MacColl. “But from my perspective the activity that’s been named is predominantly political espionage.”

This is the hidden content, please

• Sign In
• or
• Sign Up

#Western #governments #struggle #coordinate #response #******** #hacking #China

This is the hidden content, please

• Sign In
• or
• Sign Up