Tuesday January 28, 2020
Home Lead Story Chinese Hacki...

Chinese Hacking Group Targets US Universities in Search of Military Secrets: Reports

The hackers use spear phishing, meaning that they pose as partner universities to the target

0
//
hackers, china military, hacking group
A building alleged to house a Chinese military-led hacking group is shown in Shanghai in a file photo. RFA

Hackers based in China have targeted at least 27 universities in the United States in search of maritime military secrets, security research firm iDefense has found as part of ongoing research.

According to a threat report by iDefense, the security research arm of Accenture, Chinese hacking groups have targeted 27 U.S. universities, and the number may rise as their research continues.

The hackers use spear phishing, meaning that they pose as partner universities to the target.

If the e-mails are opened, they unleash malware that allows hackers based in China to access stored research, iDefense reported.

The Massachusetts Institute of Technology (MIT) was among the targets, which also included the University of Washington, it said.

The Wall Street Journal reported that Penn State and Duke University were also targeted. One can also use firewall tester online to be secured at their part.

All of the targets had researchers working on submarine technology or related fields, including oceanography.

hackers, china military, hacking group
The hackers use spear phishing, meaning that they pose as partner universities to the target. Pixabay

iDefense said the hackers are likely affiliated with a group known as MUDCARP, and also referred to as TEMP.PERISCOPE, Periscope and Leviathan.

“Collection requirements appear to include several very specific submarine technologies produced by multiple cleared defence contractors (and their respective supply chains),” iDefense’s report said.

“Any technology or program that involves the delivery or launching of a payload from a submerged submarine, or undersea autonomous vehicles, is of high interest to MUDCARP,” it said.

State backing

The report comes after a March 4 report by FireEye, where researchers looking into the activities of MUDCARP, which it names APT40 (advanced persistent threat) were fairly confident that it had Chinese state backing.

It said the group targets organizations operating in Southeast Asia, especially relating to recent elections there, or linked to the South China Sea disputes and other actors who could affect the Chinese Communist Party’s Belt and Road infrastructure development plan, the FireEye report said.

“APT40 uses a variety of malware and tools to establish a foothold, many of which are either publicly available or used by other threat groups,” it said. “APT40 will often target VPN and remote desktop credentials to establish a foothold in a targeted environment.”

 

hackers, hacking group, military
If the e-mails are opened, they unleash malware that allows hackers based in China to access stored research, iDefense reported. Pixabay

Once the foothold is established, APT40 “uses a mix of custom and publicly available … tools to escalate privileges,” it said, including online dumps of leaked user data.

Naval development

Chieh Chung, a research fellow at the National Policy Foundation on the democratic island of Taiwan, said China’s People’s Liberation Army (PLA) has been putting huge resources into to developing its navy in recent years.

“[Information about] the Yellow Sea, the East China Sea, and the hydrological environment associated with the South China Sea are very important for maritime operations, especially for submarines,” Chieh told RFA.

“If [they] use such methods to collect data stored in other countries over a long period of time, they will succeed in filling the gaps in their own data pretty quickly,” he said.

“Much of this information, especially seabed topography, seawater salinity changes, and so on, are deemed classified by many countries.”

Chieh said it wouldn’t always be obvious to victims that they are being “phished,” because e-mails could be sent by researchers in the same field, while attachments could be articles or reports on hydrology.

“They may even pretend to be a sender with whom [the target] has a real-life connection, and trick them into opening the e-mail that way,” he said.

hackers, hacking group, military
iDefense said the hackers are likely affiliated with a group known as MUDCARP, and also referred to as TEMP.PERISCOPE, Periscope and Leviathan. Pixabay

Habits, awareness

Lin Ying-yu of Taiwan’s Chungcheng University said the key to preventing cyberattacks still resides with people, rather than defensive software.

“The focus is on users’ habits and awareness of information security,” Lin said. “All students and employees need to know that this threat exists.”

He said cyber attacks originating in China have shown a resurgence in recent years after a relatively quiet period.

Chinese rights activist and tech expert Pu Fei said the only effective way to prevent such attacks is through “air gaps”: physical barriers between classified material and the internet.

ALSO READ: “They Don’t Make Prayerful Offerings When They Harvest,” Story Of The Native American Church

“There is no such thing as a firewall that is 100 percent effective,” Pu said. “I still think that the best method is to cut computers that need top-level security off physically.”

“They shouldn’t be connected to the internet, or to any internal network,” he said. “That is a pretty safe way to go.” (RFA)

Next Story

Hackers Can Cause Serious Attacks On E-Bikes For Eavesdropping, Says Study

Someone with malicious intent could eavesdrop on these wireless channels and listen to data exchanges between the scooter and riders' smartphone app

0
Hackers
Vendors of Micromobility vehicles can also suffer denial-of-service (DoS) attacks and data leaks by hackers, said researchers from University of Texas at San Antonio. Pixabay

As governments including in India plan more e-bikes on roads to help tackle traffic congestion, like any Internet-connected device, hackers can cause a series of attacks in e-scooters, including eavesdropping on users and even spoof GPS systems to direct riders to unintended locations, warn researchers including some of Indian-origin.

Vendors of Micromobility vehicles can also suffer denial-of-service (DoS) attacks and data leaks, said researchers from University of Texas at San Antonio.

“We have identified and outlined a variety of weak points or attack surfaces in the current ride-sharing, or micromobility, ecosystem that could potentially be exploited by malicious adversaries right from inferring the riders’ private data to causing economic losses to service providers and remotely controlling the vehicles’ behaviour and operation,” said Jadliwala.

The micromobility e-scooter analysis was conducted by Jadliwala alongside graduate students Nisha Vinayaga-Sureshkanth, Raveen Wijewickrama and post-doctoral fellow Anindya Maiti.

The global e-Bike market is projected to grow at a CAGR of 9.01 per cent to reach $38.6 billion by 2025 from an estimated $21.1 billion in 2018, according to marketsandmarkets research firm. Computer science experts at the university have published the first review of the security and privacy risks posed by e-scooters and their related software services and applications.

According to the review, to appear in the proceedings of the 2nd ACM Workshop on Automotive and Aerial Vehicle Security (AutoSec 2020), hackers can cause a series of attacks. Some e-scooter models communicate with the rider’s smartphone over a Bluetooth Low Energy channel.

Someone with malicious intent could eavesdrop on these wireless channels and listen to data exchanges between the scooter and riders’ smartphone app by means of easily and cheaply accessible hardware and software tools such as Ubertooth and WireShark.

Those who sign up to use e-scooters also offer up a great deal of personal and sensitive data beyond just billing information.According to the study, providers automatically collect other analytics, such as location and individual vehicle information.

Hackers
As governments including in India plan more e-bikes on roads to help tackle traffic congestion, like any Internet-connected device, hackers can cause a series of attacks in e-scooters, including eavesdropping on users and even spoof GPS systems to direct riders to unintended locations. Pixabay

This data can be pieced together to generate an individual profile that can even include a rider’s preferred route, personal interests, and home and work locations.”Cities are experiencing explosive population growth. Micromobility promises to transport people in a more sustainable, faster and economical fashion,” said Jadliwala.

ALSO READ: TikTok and DSCI Comes Together To Unveil Interactive Quiz on Online Privacy

To ensure that this industry stays viable, companies should think not only about rider and pedestrian safety but also how to protect consumers and themselves from significant cybersecurity and privacy threats enabled by this new technology,” the authors noted. (IANS)