31 October 2014

Axiom: New and Extremely Sophisticated Chinese Cyber Espionage Organization Identified

Researchers identify sophisticated Chinese cyberespionage group

Ellen Nakashima
Washington Post
October 28, 2014

A coalition of security researchers has identified a Chinese cyberespionage group that appears to be the most sophisticated of any publicly known Chinese hacker unit and targets not only U.S. and Western government agencies but also dissidents inside and outside China.

News of the state-sponsored hacker group dubbed Axiom comes a week before Secretary of State John F. Kerry and two weeks before President Obama are due to arrive in Beijing for a series of high-level talks, including on the issue of cybersecurity.

In a report to be issued Tuesday, the researchers said Axiom is going after intelligence benefiting Chinese domestic and international policies — an across-the-waterfront approach that combines commercial cyberespionage, foreign intelligence and counterintelligence with the monitoring of dissidents.

Axiom’s work, the FBI said in an industry alert this month, is more sophisticated than that of Unit 61398, a People’s Liberation Army hacker unit that was highlighted in a report last year. Five of the unit’s members were indicted this year by a U.S. grand jury. The researchers concur with the FBI’s conclusion, noting that, unlike Unit 61398, Axiom is focused on spying on dissidents as well as on industrial espionage and theft of intellectual property.

“Axiom’s activities appear to be supported by a nation state to steal trade secrets and to target dissidents, pro-democracy organizations and governments,” said Peter LaMontagne, chief executive of Novetta Solutions, a Northern Virginia cybersecurity firm that heads the coalition. “These are the most sophisticated cyberespionage tactics we’ve seen out of China.”

Chinese Embassy spokesman Geng Shuang said in an e-mail that “judging from past experience, these kinds of reports or allegations are usually fictitious.” He repeated Beijing’s position that Chinese law prohibits cybercrime and that the government “has done whatever it can to combat such activities.”

Senior Obama administration officials have over the past year and a half publicly called on China to halt its practice of stealing U.S. commercial secrets to benefit its own industries. China, especially in the wake of disclosures last year of widespread U.S. government surveillance by former National Security Agency contractor Edward Snowden, has pushed back, arguing that it is the United States that needs reining in.

Geng said in his e-mail: “China is a victim of these kinds of attacks, according to the Snowden revelations.” Following the PLA indictments in May, Beijing pulled out of bilateral talks aimed at easing tensions in cyberspace.

In recent weeks, the research consortium has detected Axiom malicious software on at least 43,000 computers around the world belonging to law enforcement and other government agencies, journalists, telecommunication and energy firms, and human rights and pro-democracy groups.

The group said there also are indications that Axiom may be behind a high-profile cyberattack on Google, announced in 2010, which compromised the tech giant’s source code and targeted Chinese dissidents using Gmail.

At least one Chinese-language computer in the United States was targeted, the report said, without specifying to whom the computer belonged.
