The group attacked over two dozen government agencies in Western Europe and the U.S., and compromised associated personal accounts of employees.

  • kobra@lemm.ee
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    2
    ·
    1 year ago

    I like how they make it seem like China has really leveled up their cybersecurity skillset to be able to hack into these systems. I’d bet money most of the access comes from phishing credentials from humans.

    • nymwit@lemm.ee
      link
      fedilink
      English
      arrow-up
      17
      ·
      1 year ago

      unless everyone is blatantly lying, it doesn’t seem like it:

      “This was a very advanced technique used by the threat actor against a limited number of high value targets. Each time the technique was used, it increased the chances of the threat actor getting caught,” said Google Cloud’s Mandiant senior vice president and chief technical officer Charles Carmakal. “Kudos to Microsoft for leaning in, figuring this out, remediating, collaborating with partners and being transparent.”

      “Last month, U.S. government safeguards identified an intrusion in Microsoft’s cloud security, which affected unclassified systems. Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” National Security Council spokesperson Adam Hodge said in a statement to The Wall Street Journal. “We continue to hold the procurement providers of the U.S. government to a high security threshold.”>

      • Millie@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Just because it’s a technique doesn’t mean it isn’t social engineering.

  • nymwit@lemm.ee
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    This either happens a lot or it happened a few weeks ago? I guess the official US statement is the news? Is it that the US is doing the same and so can’t react too strongly or can they not prove it was the Chinese government? Seems kind of like it should be a bigger deal. Not long before nation-state cyberattacks are going to count similarly to actual nation-state physical attacks.

    AP News initial report June 15

    AP News Chinese denial June 16

  • Caradoc879@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    7
    ·
    edit-2
    1 year ago

    So at what point do we consider cyberattacks to be acts of war and actually fucking do something more than hand-wringing

    • 1bluepixel@lemmy.ml
      link
      fedilink
      English
      arrow-up
      10
      arrow-down
      3
      ·
      1 year ago

      What are your expectations here? Bombing Shanghai and toppling the world economy in retaliation for stealing unclassified emails?

      • Caradoc879@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        6
        ·
        edit-2
        1 year ago

        Sanctions? More political pressure? Anything but bending over and letting China ream us in the ass? Give them an inch and they take a mile. We KNOW this, so why are we still capitulating?

        • jantin@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          arrow-down
          3
          ·
          1 year ago

          You are obviously aware that “we” do it all the time as well - but no sane intelligence agency will go out shouting in press “WE DID STEAL CHINESE OFFICIALS’ EMAIL FOLKS, OUR AGENTS ARE TOP CYBERCOMMANDOS AMD LAST WEEK WE TOOK OVER A COMPUTER IN IRAN AND RECORDED THEIR MINISTER’S SECRET MEETING” Though actually Americans did go out shouting once recently, calling out Russia before they invaded Ukraine and making sure everyone gets the message “we know what russia is up to and we’re ready”. It was considered an extraordinary strategy when the sitting US president effectively broadcasted military intel.

        • Marko@mastodon.social
          link
          fedilink
          arrow-up
          5
          arrow-down
          1
          ·
          1 year ago

          @Caradoc879 @1bluepixel Who will punish the USA for collecting and selling data of the whole world’s population? Not to mention all the data FBI has access to without anyone’s permission. Talking about emails, if you happen to use Outlook mobile app, it downloads all your mail to their servers first before your emails are available to you. Android basically forces you to backup your own photos unless you explicitly force disable the “backup” to, again, their servers, in the USA.

        • Wholesalechicken@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          None of what you’ve described will control China’s behavior. The window of opportunity to effectively manage their belligerence was closed shortly after we allowed them into the WTO, which was when we had greater leverage to shoehorn their development than we do now.

          Right now we can only manage to have a marginal impact on their behavior with the tools we have now. Everything else is just a waiting game until our economies can adjust and de-risk while looking for more market disruptions with which we can gain an edge over China.

          If you really care enough about this, there are plenty of tools to which you can use to gain essential knowledge into cybersecurity and other critical technology sectors, and learn yourself into the field of information security.

            • Wholesalechicken@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              We do, and your country steals them.

              Also the cold war mentality.

              China is literally the analogue of the Soviet Union, they’ve even studied how they failed. Is this cold war mentality in the room with us right now, Mr. Zhang?

        • laylawashere44@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          2
          ·
          1 year ago

          How do you politically pressure them exactly? Other countries you might threaten to cut off aid or recind arms deals or refuse plane sales, etc. China doesn’t rely on any of those things. In fact Boeing relies on China to buy planes to stay profitable. How are you supposed to sanction your 3rd largest trading partner which your first and second partner also relies on. The allies would either revolt or the global economy goes into depression.

          • 1bluepixel@lemmy.ml
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            2
            ·
            1 year ago

            People always talk about sanctions, but unless you’re sanctioning Cuba or North Korea, sanctions can be as damaging to the countries doing the sanctioning. Fully sanctioning China would essentially mean cutting ourselves off from the world’s top manufacturer, which would hurt the U.S. way more than China now that their domestic economy is in full swing.

            Not to mention that most if not will American-based multinationals would never go along with it.

          • 1bluepixel@lemmy.ml
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            2
            ·
            1 year ago

            People always talk about sanctions, but unless you’re sanctioning Cuba or North Korea, sanctions can be as damaging to the countries doing the sanctioning. Fully sanctioning China would essentially mean cutting ourselves off from the world’s top manufacturer, which would hurt the U.S. way more than China now that their domestic economy is in full swing.

            Not to mention that most if not will American-based multinationals would never go along with it.