- Advertisement -

- Advertisement -


Inside the Ring: Chinese cyber actors pose ‘major threat’ to U.S. national security

Malicious cyber operations conducted by Chinese government hackers pose a significant threat to American national security, according to a report by three U.S. security agencies.

“The National Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China state-sponsored malicious cyber activity is a major threat to U.S. and allied cyberspace assets,” the report says.

The report is the first time the security agencies directly called out Chinese cyber operations and listed at least 50 different technical methods used by Beijing’s cyber spies in stealing information from both government and private sector computer networks.

“Chinese state-sponsored cyber actors aggressively target U.S. and allied political, economic, military, educational and critical infrastructure personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property and personally identifiable information,” the report said.

The report was released this week as part of a major Biden administration program to expose and denounce what it said were Chinese hacking and data theft.

According to the NSA, CISA — a part of the Homeland Security Department — and the FBI, the main targets of the cyberattacks include service providers, semiconductor companies, defense contractors, universities and medical institutions. The cyber operations support Chinese military and economic development.

The report details what security analysts call “TTPs” — tactics, techniques and procedures — used by Chinese hackers.

The technical report was produced to help computer administrators and others in protecting networks from Chinese attacks. The U.S. agencies identified what they called increasingly sophisticated state-backed cyber operations targeting political, economic, military, educational and critical infrastructures, such as electric and communication grids.

Chinese state hacker operations are conducted by the Ministry of State Security civilian spy service and People’s Liberation Army intelligence agencies. Analysts note that the two agencies in recent years have cooperated closely in targeting and collecting civilian and military information for the ruling Chinese Communist Party.

“These actors take effort to mask their activities by using a revolving series of virtual private servers (VPSs) and common open-source or commercial penetration tools,” the report said.

A second trend is the exploitation of operating systems and other software vulnerabilities.

“Chinese state-sponsored cyber actors consistently scan target networks for critical and high vulnerabilities within days of the vulnerability’s public disclosure,” the report said. “In many cases, these cyber actors seek to exploit vulnerabilities in major applications, such as Pulse Secure, Apache, F5 Big-IP and Microsoft products.”

China’s most-used software vulnerability is in unpatched Microsoft Object Linking and Embedding technology that allows hackers to use documents to send malware. Another favored method of Chinese hackers is the use of encrypted proxies to evade detection by cybersecurity tools.

“Chinese state-sponsored cyber actors have been routinely observed using a VPS as an encrypted proxy,” the report said. “The cyber actors use the VPS as well as small office and home office devices as operational nodes to evade detection.”

Critics see Biden defense budget shortfalls

The Biden administration’s proposed defense budget for fiscal 2022 falls short of meeting needed military support for the challenge posed by Communist China, said Roger Zakheim, director of the Ronald Reagan Institute.

“The Biden administration’s fiscal 2022 budget request falls seriously short of what is required to support the [2018] National Defense Strategy,” Mr. Zakheim, a former Pentagon official and congressional defense staffer, told the House Armed Services Committee this week. “The $715 billion request represents a real cut as it fails to keep pace with inflation.”

Mr. Zakheim called for a 3% to 5% annual increase in defense spending to confront threats posed by China and other adversaries, reflecting the past policy approach of President Reagan dubbed “peace through strength.” Those increases would amount to between $37 billion and $52 billion above the current funding request.

The flat defense budget sought by the administration “risks our ability to compete with China and meet our other national security obligations,” he said.

Mr. Zakheim noted that Congress is spending $3 trillion in response to the pandemic and is proposing additional trillions of dollars in future spending, but so far has not directed additional funds to the military. Mr. Zakheim said the Pentagon needs to stay “radically focused” on countering the Chinese military’s drive to become a world-class military by 2049.

China spends less on the military than the United States, but a recent Heritage Foundation study concluded that system differences allow the People’s Liberation Army to buy the equivalent of 87% of what the Pentagon budget can purchase.

PLA arms procurement, including around 14 warships a year and new aircraft carriers, will eclipse the U.S. military’s arms buying by 2024.

“If this occurs, then by 2030 the United States will no longer boast the world’s most advanced fighting force in total inventory value,” Mr. Zakheim said.

“The peace President Reagan spoke of was not a campaign slogan to advocate for more defense dollars but a desired end state in which American interests, economic prosperity and freedom were secured by the strength of a well-funded military capable of outcompeting those who might do us harm,” he said. “In short, we must resource a strong military because it is the best way to prevent war and sustain a peace on our terms.”

President Biden’s interim national security…

Read More:
Inside the Ring: Chinese cyber actors pose ‘major threat’ to U.S. national security

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy

Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.