Recently Yahoo News on-line reported the following:
Behind the doors of a Chinese hacking company, a sordid culture fueled by influence, alcohol and sex (1/3)
By Soo reported from Hong Kong. AP Technology Writer Frank
Bajak
Fri, March 8, 2024 at 1:30 a.m. PST
BEIJING (AP) — The hotel was spacious. It was upscale. It
had a karaoke bar. The perfect venue, the CEO of the Chinese hacking company
thought, to hold a Lunar New Year banquet currying favor with government
officials. There was just one drawback, his top deputy said.
“Who goes there?" the deputy wrote. "The girls are so ugly.”
So goes the sordid wheeling and dealing that takes place behind the scenes in China's hacking industry, as revealed in a highly unusual leak last month of internal documents from a private contractor linked to China's government and police. China’s hacking industry, the documents reveal, suffers from shady business practices, disgruntlement over pay and work quality, and poor security protocols.
Private hacking contractors are companies that steal data from other countries to sell to the Chinese authorities. Over the past two decades, Chinese state security's demand for overseas intelligence has soared, giving rise to a vast network of these private hackers-for-hire companies that have infiltrated hundreds of systems outside China.
Though the existence of these hacking contractors is an open secret in China, little was known about how they operate. But the leaked documents from a firm called I-Soon have pulled back the curtain, revealing a seedy, sprawling industry where corners are cut and rules are murky and poorly enforced in the quest to make money.
Leaked chat records show I-Soon executives wooing officials over lavish dinners and late night binge drinking. They collude with competitors to rig bidding for government contracts. They pay thousands of dollars in “introduction fees” to contacts who bring them lucrative projects. I-Soon has not commented on the documents.
Mei Danowski, a cybersecurity analyst who wrote about I-Soon on her blog, Natto Thoughts, said the documents show that China's hackers for hire work much like any other industry in China.
“It is profit-driven," Danowski said. “It is subject to China's business culture — who you know, who you dine and wine with, and who you are friends with.”
HACKING THAT'S STYLED AS PATRIOTIC
China’s hacking industry rose from the country’s early hacker culture, first appearing in the 1990s as citizens bought computers and went online.
I-Soon’s founder and CEO, Wu Haibo, was among them. Wu was a member of China’s first hacktivist group, Green Army — a group known informally as the “Whampoa Academy” after a famed Chinese military school.
Wu and some other hackers distinguished themselves by declaring themselves “red hackers” — patriots who offered their services to the Chinese Communist Party, in contrast to the freewheeling, anarchist and anti-establishment ethos popular among many coders.
In 2010, Wu founded I-Soon in Shanghai. Interviews he gave to Chinese media depict a man determined to bolster his country’s hacking capacity to catch up with rivals. In one 2011 interview, Wu lamented that China still lagged far behind the United States: “There are many technology enthusiasts in China, but there are very few enlightened people.”
High-profile hacks by Chinese state agents, including one at the U.S. Office of Personnel Management where personal data on 22 million existing or prospective federal employees was stolen, got so serious that then-President Barack Obama personally complained to Chinese leader Xi Jinping. They agreed in 2015 to cut back on espionage.
These days, Chinese hackers are a formidable force.
In May 2023, Microsoft disclosed that a Chinese state-sponsored hacking group affiliated with China’s People’s Liberation Army called “Volt Typhoon” was targeting critical infrastructure such as telecommunications and ports in Guam, Hawaii, and elsewhere and could be laying the groundwork for disruption in the event of conflict.
Today, hackers such as those at I-Soon outnumber FBI cybersecurity staff by “at least 50 to one,” FBI director Christopher Wray said January at a conference in Munich.
(to be continued)
Translation
北京(美聯社)— 這家旅館很寬敞。 這是高檔的。 它有一個卡拉 OK 酒吧。 這家中國黑客公司的執行長認為,這是舉辦農曆新年宴會來討好政府官員的完美場所。 他的高級副手說,只有一個缺點。
副手寫道: “誰會去那地方?” , “那裡的女孩太醜了。”
這就是中國黑客產業幕後發生骯髒的違反規則的賺取利潤方法,是在上個月, 與中國政府和警方有聯繫的私人承包商的內部文件被非常不尋常地洩露。 文件顯示,中國的黑客產業存在不正當的商業行為、對薪資和工作性質, 以及糟糕的安全業務守則不滿。
私人黑客承包商是從其他國家竊取資料並出售給中國當局的公司。 過去二十年來,中國國家安全部門對海外情報的需求激增,催生了由這些私人僱傭黑客公司組成的龐大網絡,這些公司已滲透到中國境外的數百個系統。
儘管這些黑客承包商的存在在中國是一個公開的秘密,但人們對他們的運作方式知之甚少。 但一家名為 I-Soon 的公司洩漏的文件拉開了帷幕,揭露了這個不骯髒非法活動、龐大的行業,為了賺錢,這個行業走捷徑,規則模糊且執行不力。
洩漏的聊天記錄顯示,I-Soon 高層透過豪華晚餐和深夜酗酒向官員示好。 他們與競爭對手串通操縱政府合約的投標。 他們向為他們帶來利潤豐厚項目的聯繫人支付數千美元的「介紹費」。 I-Soon 尚未對這些文件發表評論。
網路安全分析師 Mei Danowski 在她的網誌 Natto Thoughts 上撰寫了有關 I-Soon 的文章,她表示,這些文件顯示,中國的僱用黑客的工作方式與中國的其他行業非常相似。
Danowski 說: “這是以利潤為導向的”; “這取決於中國的商業文化 - 你認識誰,和誰一起吃飯喝酒,及你的朋友是誰。”
愛國主義化的黑客行為
中國的黑客產業起源於該國早期的黑客文化,最初出現在 20 世紀 90 年代,當時公民購買了電腦並上網。
I-Soon 創始人兼執行長 Wu Haibo 就是其中之一。 Wu是中國第一個黑客組織「綠軍」的成員,該組織以一所著名的中國軍事學校而被非正式地稱為「黃埔軍校」。
Wu 和其他一些駭客以「紅色黑客」而聞名,他們是為中國共產黨提供服務的愛國者,這與許多程式設計師中流行的隨心所欲、無政府主義和反建制的精神形成鮮明對比。
2010年,Wu 在上海創立了 I-Soon。 他在接受中國媒體採訪時,顯示出決心增強國家的黑客能力,以趕上競爭對手。 在2011年的一次採訪中,Wu 感嘆中國仍然遠遠落後於美國:“中國有很多技術愛好者,但開明的人卻很少。”
隨著網路的普及,中國的僱傭黑客產業蓬勃發展,其重點是間諜活動和知識財產權盜竊。
中國國家特工的高調黑客攻擊,包括美國人事管理局的一次黑客攻擊,導致2,200 萬現有或未來的聯邦僱員的個人資料被盜,其嚴重程度導致時任總統 Barack Obama 親自向中國領導人習近平投訴。 他們在 2015 年同意減少間諜活動。
幾年來,入侵事件逐漸平息。 但 I-Soon 和其他私人駭客組織很快就變得比以往任何時候都更加活躍,為中國國家安全部隊提供掩護和否認。 Google Mandiant 網路安全部門首席分析師 John Hultquist 表示,I-Soon 是「與中國愛國黑客活動有聯繫的承包商生態系統的一部分」。
如今,中國黑客是一股強大的力量。
2023 年5 月,微軟揭露,一個隸屬於中國人民解放軍、由中國國家支持、名為「Volt Typhoon」的黑客組織正在瞄準關島、夏威夷和其他地方的電信和港口等關鍵基礎設施,並可能為在發生衝突時, 去破壞網路安全奠定基礎。
FBI 局長 Christopher Wray 一月份在慕尼黑舉行的一次會議上表示,如今,I-Soon
等駭客的數量與
FBI 網路安全人員的數量「至少為
50 比
1」。
(未完待續)
沒有留言:
張貼留言