Step aside, Russia: the new global hacking bogeyman is now officially China.
Just days after the US accused Beijing of hacking hundreds of millions of Marriott accounts and extracting the private data of countless Americans, even as the ongoing diplomatic feud over Chinese “intermediation” in western communications via the likes of Huawei escalates, moments ago the EU unveiled that China was now also the new Wikileaks, accusing hackers tied to China’s People’s Liberation Army of a “huge hack” of its diplomatic cables and reviving fears about vulnerabilities in the 28-country bloc’s data systems.
According to investigators, hackers had accessed cables on a variety of geopolitical issues including terrorism, transatlantic relations, peace in the Middle East, arms control, the South China Sea and the Asia and Oceania working party.
In a campaign dating back at least to 2015, the hackers gained access to more than a hundred organisations including the EU’s Coreu electronic communication network, the FT reported, citing a report due to be published on Wednesday by cyber security company Area 1 Security, which exposed the breach. According to the report, Chinese hackers used the Cypriot foreign ministry as an entry point to conduct cyber espionage over several years throughout the bloc. Other targets included parts of the UN and the AFL-CIO, a confederation of American unions that may have been of interest to the Chinese because it was involved in trade negotiations.
The EU Council secretariat said it was “actively investigating” allegations of a “potential leak of sensitive information”. “The Council Secretariat takes the security of its facilities, including its IT systems, extremely seriously,” it added.
But how do we know it’s China this time and not, say, North Korea, Moscow, or some basement-dwelling supporter of Julian Assange? Well, Oren Falkowitz, CEO of Area 1, said he had “absolute confidence” that a Chinese group was behind the attacks, because of an extensive analysis of their techniques… the same way CrowdStrike had “absolute confidence” Russia hacked the DNC server without, of course, allowing the FBI to also investigate it independently. He linked the hacks to the Strategic Support Force of the People’s Liberation Army.
In a hack surprisingly reminiscent of how “the Russians” got access to John Podesta’s email, Area 1 said the hackers initially accessed the system using unsophisticated phishing techniques, sending an email with a malicious link or attachment to people inside the ministry in Cyprus.
“It only takes access to one of the parties to expose all the other secrets,” Mr Falkowitz said. “You just break the weakest link in the diplomatic chain.”
The hack is the latest to involve China, whose government reached an agreement with the Obama administration in 2015 designed to curtail corporate espionage (hacking companies to steal intellectual property or data), but it did not directly address more conventional cyber espionage against governments. As a trade war escalates between the US and China, the agreement is under pressure.
Full article: China Accused Of “Huge Hack” Of Thousands Of European Diplomatic Cables (ZeroHedge)