China hacks Israel, Iran, for info on tech, business advances

 China has hacked dozens of Israeli public and private sector groups as well as doing the same in Iran, Saudi Arabia and a variety of other countries, the international cybersecurity company FireEye announced Tuesday.

The massive cyber attack appears to be part of a long-term spying strategy in the area of technology and business competition and advancement, as opposed to any attempt to directly harm any of the target countries or businesses.

According to FireEye, Beijing did not discriminate along any of the fault lines in the region, using its cyber tools to spy on a wide array of Middle Eastern countries, which are often at odds with each other, while all doing business with China.

The goal seems to have been to gain intelligence into achieving better negotiation outcomes in terms of pricing by viewing internal email discussions and assessments, and to appropriate certain key technological developments where possible.

In addition, the attack is tied to a wide series of cyber exploitation of holes in Microsoft’s Sharepoint announced by the Israel National Cyber Directorate (INCD) in 2019, and is not an attack whose maximum impact is being felt currently.

The INCD tends not to name specific countries involved and would not name China on Tuesday.

Estimates are that some public and private sector Israeli entities started to repel the attack once the Sharepoint vulnerability was announced in 2019, but that in other cases, Chinese spying in Israel continued deep into the end of 2020.

The timing of the current announcement seemed to dovetail with the announcement by governments in Europe, Asia, the US and NATO in July of a similar massive cyber attack carried out by China.  

China generally denies attribution on the record, but off-the-record complains that the US and other countries have a double standard, saying that even if US businesses do not do espionage, that the NSA does.

However, tolerance for Chinese cyber attacks has gone down globally as its popularity has plummeted following its handling of the coronavirus crisis, Hong Kong, issues in the South China Sea and accusations of war crimes in its treatment of the Uyghur sector within China.

Israel has maintained high levels of business with China and Beijing is on the verge of opening a new port for Israel in Haifa, but Jerusalem has started to rebalance some of its dealing with China, while avoiding public direct confrontations.

Former INCD chief Buky Carmeli confirmed to The Jerusalem Post in August 2018 that China and other cyber powerhouses had been involved in spying throughout the Israeli public and private sectors, but that they had not reached the state’s “crown jewels” in digital terms.  

The Chinese Embassy responded to the report: “The FireEye report’s baseless accusations against China on cybersecurity issues are defamation for political purposes. China is a staunch upholder of cybersecurity. It has always firmly opposed and combated cyber attacks launched within its border or with its network infrastructure.”

“In fact, China is a major victim of cyberattacks. According to statistics from China’s National Computer Network Emergency Response Technical Team, about 52,000 malicious program command and control servers located outside China took control of about 5.31 million computer hosts in China in 2020, which seriously undermined,” China, said the Embassy

It concluded: “We hope Israeli friends and media outlets can make a clear distinction between right and wrong and refrain from providing platforms for rumors.”

Source link

Sign up for our daily Cyber Security Analysis and Threat Intelligence news.