
From Civilians to Cyber Warriors: China’s MCF Program Ignites a Western Typhoon

 


China's cyber offensives against foreign targets concern the international community because the country's military and civilian technological institutions work together, combining civilian and military technology services for greater effectiveness. Democratic countries are finding this sophisticated approach extremely difficult to replicate. Xi Jinping, the president of China, has outlined his ambition for China to become a cyber power by 2020; significant investments have been made toward this goal since 2014.

To enhance the country's offensive cyber capabilities, billions of dollars have been allocated, organizational structures have been refined within the security agencies, and legal frameworks have been established. In addition, there is a lesser-known aspect of the hacker community in China and how it works together with state-sponsored efforts to combat cybercrime. 

A number of these hackers participate in hacking competitions and bug bounty programs, focusing on Western products and systems. They provide vulnerabilities that are useful for offensive cyber activities, and they are associated with companies that work closely with government agencies. According to recent warnings from US and British officials, China's cyber threat is increasing. A recent study by Eugenio Benincasa sheds light on China's cyber offensives. According to the White House cyber director, Beijing can cause havoc in the cyber sphere, while the head of a UK spy agency describes the challenge as "epoch-defining." 

According to the research, China's offensive cyber ecosystem is characterized by hacking contests and bug bounties, demonstrating that it is a sophisticated system enabling unauthorized access, data theft, and system compromises to keep the state at bay. According to Chinese government regulations, hackers are evaluated based on their performance in hacking competitions and bug bounty programs. Two types of researchers belong to this group: prominent researchers associated with Chinese companies with connections to intelligence agencies, and government contractors that are not publicly visible.

In China, cyber operations are executed by hired hackers, while elite researchers research vulnerabilities. This setup is aligned with China's Military-Civil Fusion program, which utilizes civilian talent to support the military. As China's cybersecurity industry matures, education opportunities are expanding, and international hacking competitions are becoming increasingly popular, creating a strong foundation for the sector.

As Chinese teams have excelled in prestigious contests such as DEFCON CTF and Pwn2Own, they have challenged the dominance of the United States. Several Chinese civilian hackers have contributed greatly to bug bounty programs of major US companies, exposing vulnerabilities and gaining recognition for their contributions. 

The government has strategically utilized civilian resources for cyber activities, blurring the line between military and civil domains in cyberspace by making it difficult for democratic nations to keep up. As a result of China's weaponization of civilian hackers, democratic nations face a major challenge. The integration of civilian and military capabilities in cyber offensives highlights the urgent need for stronger global cybersecurity measures.

Under Siege: Ukrainian Cyber Warriors Erase Vital Russian Military Data Center

 


On April 8 of this year, sources in the Security Service of Ukraine (SBU) told the Kyiv Independent that Ukrainian hackers, possibly linked to the SBU, destroyed a data centre used by Russian military, energy, and telecommunications companies. In a recent attack, Ukrainian hackers connected to the SSU cyber department destroyed a data centre belonging to a Russian industrial giant.

The data centre's users included Gazprom, Lukoil, Telecom and some of the leading military companies in the country. Sources have stated that more than 10,000 entities involved in the Russian military industry have stored their data in OwenCloud.ru cloud services, which the hackers targeted.

These entities reportedly include Ural Works of Civil Aviation, Rubin, Ural Plant Spectechniks, Gazprom, Transgaz, Lukoil, Rosneft, Nornickel, Rostelecom, and MegaFon, spanning the oil and gas industry, the metallurgical and aerospace industry, as well as major telecommunication giants.

A source stated that over 300 TB of data were taken out of circulation on 400 virtual and 42 physical servers. This operation involved the Ukrainian hacking group BLACKJACK and the cyber division of the Ukrainian Security Service. In addition to internal documents and backups, these servers had software used to manage production processes remotely, according to a source. 

The OwenCloud.ru website, at the moment of publication, displays what is alleged to be a message left by a group called Blackjack, stating that the centre's "information technology infrastructure has been destroyed." The Ukrinform news service reports nearly 4,500 cyberattacks on Ukraine are carried out by Russian hackers every year. Kyivstar was attacked by a powerful hacker on December 12, 2023, which caused the company to experience a technical breakdown. Communication and internet services stopped working.

It is estimated that around 16,000 Russian companies are affected by the strike, such as Lukoil, Rosneft, The Ural Works of Civil Aviation (which is part of the Roselectronika holding), Ural Special Equipment Plant, Gazprom, Transgaz, Norilsk Nickel, Rostelecom, Telecom, and Megafon. The source also asserted that OwenCloud.ru is hosting over 10,000 legal entities, including the military-industrial sector, oil and gas industry, metallurgical and aerospace companies, and telecommunication giants.

It was reported that the hack affected various organizations, such as companies in the oil and gas and telecommunications sectors and the country's military. In the Kyiv Independent report, there was a list of victims that included Ural Works of Civil Aviation, Rubin, Ural Plant Spectechniks, Gazprom, Transgaz, Lukoil, Rosneft, Nornickel, Rostelecom, and MegaFon, among others. 

The source of NV's report revealed on March 18 that Ukrainian hackers were able to access correspondence between Russian CEC member Nikolai Levichev and Boris Nadezhdin, a candidate in the so-called presidential election. As a result of being denied registration as a presidential candidate, Nadezhdin actively contacted representatives of the Russian Central Election Commission and resolved personal and political issues, including addressing the refusal of the Russian Central Election Commission. 

According to the hacker group, this suggests that a "fake presidential candidate" is at play. Ukrainian hackers are known for regularly stealing information about Russian websites, payment systems, and state-owned companies. Thousands of Russian organizations were accessed by Ukrainian hackers in January, and 200 gigabytes of data was obtained. 

A Russian state-owned company that builds military facilities across the entire Russian territory has also been crashed by the BLACKJACK hacker group. They have also stolen documentation for 500 military facilities maintained by the Russian Ministry of Defense. On the servers of the Russian Ministry of Defense, a DDoS attack was launched by hackers from the Defense Intelligence Department.