
Sammyboy RSS Feed
30-11-2015, 11:10 AM
An honorable member of the Coffee Shop Has Just Posted the Following:


Cyber spies raise their game against pro-democracy Chinese

Date November 30, 2015 - 10:12AM
Clare Baldwin, James Pomfret and Jeremy Wagstaff


An employee operates a forklift to transport a pallet stacked with bundles of the Apple Daily newspaper, published by Next Media, at the company's printing facility in Hong Kong. Photo: Reuters

Almost a year after students ended pro-democracy street protests in Hong Kong, they face an online battle against what Western security experts say are China-sponsored hackers using techniques rarely seen elsewhere.

Hackers have expanded their attacks to parking malware on popular file-sharing services including Dropbox and Google Drive to trap victims into downloading infected files and compromising sensitive information. They also use more sophisticated tactics, homing in on specific targets through so-called 'white lists' that only infect certain visitors to compromised websites.

Security experts say such techniques are only used by sophisticated hackers from China and Russia, usually for surveillance and information extraction.


A copy of the Apple Daily newspaper. Photo: Reuters

The level of hacking is a sign, they say, of how important China views Hong Kong, where 79 days of protests late last year brought parts of the territory, a major regional financial hub, to a standstill. The scale of the protests raised concerns in Beijing about political unrest on China's periphery.

"We're the most co-ordinated opposition group on Chinese soil, [and] have a reasonable assumption that Beijing is behind the hacking," said Lam Cheuk-ting, chief executive of Hong Kong's Democratic Party, which says it has been a victim of cyber attacks on its website and some members' email accounts.

US-based internet security company FireEye said the attacks via Dropbox were aimed at "precisely those whose networks Beijing would seek to monitor", and could provide China with advance warning of protests and information on pro-democracy leaders. The company said half its customers in Hong Kong and Taiwan were attacked by government and professional hackers in the first half of this year — two and a half times the global average.


Occupy Central movement founder Benny Tai at the University of Hong Kong. Photo: Reuters

China has previously denied accusations of hacking, calling them groundless, and saying it is a victim.



Like other groups taking on the might of Beijing — from Uighurs and exiled Tibetans to some Taiwanese — Hong Kong activists, academics and journalists have become more savvy and adopted tactics that, in turn, force hackers to get savvier still.

When Tibetan exile groups stopped clicking on files attached to emails, to avoid falling victim to a common form of 'spear phishing' attack, hackers switched their malware to Google Drive, hoping victims would think these files were safer, said Citizen Lab, a Canada-based research organisation which works with Tibetans and other NGOs.

Hackers also recently used Dropbox to lure Chinese language journalists in Hong Kong into downloading infected files. FireEye, which discovered the attack, said it was the first time it had seen this approach.

"We don't have any arrogance to think we can beat them," said Mark Simon, senior executive at the parent company of Hong Kong's Apple Daily, a media group on the front line of the attacks.

Trying to stay ahead of the hackers, activists and others use multiple mobile phones with different SIM chips, encrypted messaging apps, apps that automatically delete tweets, and code words to set up meetings. If someone thinks they may be arrested, they remove themselves from group chats.

Some things are kept offline.

"If we want to talk, we have some signal," said Derek Lam, a member of student group Scholarism that helped organise the protests. "It's a few words ... if I say some words that are really strange it means we have to talk somewhere privately."

Law professor and protest organiser Benny Tai stores personal data, such as names, email addresses and mobile numbers, on an external hard drive that he says he only accesses on a computer without an internet connection.

The pro-democracy Apple Daily, which says it is hacked on an almost weekly basis, has tightened its email security software, and has its lawyers use couriers rather than email. FireEye last year connected denial of service (DDoS) attacks against Apple Daily with more professional cyber spying attacks, saying there may be a "common quartermaster". It said China's government would be the entity most interested in these "political objectives".

Steven Adair, co-founder of US-based security firm Volexity, said that code hidden on pro-democracy websites last year, including those of the Democratic Party and the Alliance for True Democracy, suggested a group he said "we strongly suspect to be Chinese ... who is very well resourced."

He said such tactics were more usually seen employed by Russian hackers, aimed at very specific targets and designed to be as unobtrusive as possible. "It's a real evolution in targeting," he said.

Reuters




