For years, a group of Chinese hackers known variously as Barium, Winnti, or APT41 has carried out a unique mix of sophisticated hacking activities that has puzzled the cybersecurity researchers tracking them. At times they appear focused on the usual state-sponsored espionage, believed to be working in the service of the Chinese Ministry of State Security. At other times their attacks looked more like traditional cybercrime. Now a set of federal indictments has called out those intruders by name, and cast their activities in a new light. Five Chinese hackers are accused of a sprawling scheme to break into the networks of hundreds of global companies in a broad range of industries, as well as think tanks, universities, foreign government agencies, and the accounts of Hong Kong government officials and pro-democracy activists.
The European Commission's digital commissioner has warned the mobile industry to expect it to act over security concerns attached to Chinese network equipment makers. The Commission is considering a defacto ban on kit made by Chinese companies including Huawei in the face of security and espionage concerns, per Reuters. Appearing on stage at the Mobile World Congress tradeshow in Barcelona today, Mariya Gabriel, European commissioner for digital economy and society, flagged network "cybersecurity" during her scheduled keynote, warning delegates it's stating the obvious for her to say that "when 5G services become mission critical 5G networks need to be secure". Geopolitical concerns between the West and China are being accelerated and pushed to the fore as the era of 5G network upgrades approach, as well as by ongoing tensions between the U.S. and China over trade. "I'm well away of the unrest among all of you key actors in the telecoms sectors caused by the ongoing discussions around the cybersecurity of 5G," Gabriel continued, fleshing out the Commission's current thinking.
New provisions made to China's Cybersecurity Law last November gives state agencies the legal authority to remotely conduct penetration testing on any internet-related business operating in China, and even copy and later share any data government officials find on inspected systems. Any company that provides an internet-related service with more than five internet-connected computers is susceptible to these inspections. The Chinese government agency tasked with carrying out these penetration tests is the Ministry of Public Security (MPS), the same agency which also maintains China's Great Firewall and its nationwide facial recognition system and surveillance cameras network. MSP officials received these new powers on November 1, 2018, in the form of new provisions to China's Cybersecurity Law, first adopted in 2017. These new provisions, named "Regulations on Internet Security Supervision and Inspection by Public Security Organs" (公安机关互联网安全监督检查规定) give the MSP the following new powers: The new provisions bolster an already intrusive Cybersecurity Law adopted in 2017, which gave Chinese authorities the right to analyze the source code of technologies used by foreign companies in China, all under the guise of identifying vulnerabilities during "national security reviews" to ensure national security.
A cyber attack on a commercial aircraft is "only a matter of time", US government researchers have claimed in a report. "Potential of catastrophic disaster is inherently greater in an airborne vehicle," the Pacific Northwest National Laboratory – a laboratory within the Department of Energy - suggested. It was one of a series of a series of documents and slides from the Department of Energy and the Department of Homeland Security (DHS), as well as other agencies, which were obtained by a Freedom of Information Act request by the Motherboard website. GCHQ to brief England over Playstation and smartphone cyber-attacks Britain'must be prepared to launch cyber attacks on enemies' If Russia launches a cyber attack on the UK, this is what we can do UK anti-doping agency hit by cyber attack Britain'must be prepared to launch cyber attacks on enemies' The same research from the Pacific Northwest National Laboratory also claimed that it was "a matter of time before a cyber security breach on an airline occurs." It is not the first time concerns have been raised about the security vulnerabilities of commercial aircraft.