Oliver Bradshaw | 11 Dec 2017
Three Chinese nationals have been indicted by the US Justice Department on Monday after it was revealed they allegedly stole intellectual property from three companies.
Although normal procedure would include a confrontation with Chinese heads of state by the United States government, the Trump administration has yet to move forward. The data theft took place during both the Trump and Obama administrations.
According to the charges brought forward in Pittsburgh, the hackers allegedly accessed and helped themselves to swaths information and intellectual property from three US-based companies, including navigation system maker, Trimble; Siemens and Moody’s Analytics.
All three hackers charged in Pittsburgh are believed to be Chinese citizens, living in China and on contract for Guangzhou Bo Yu Information Technology Co., also known as Boyusec, according to court documents. Security experts and US intelligence experts state that Boyusec may be working for the Chinese ministry of state security, similar to the US National Security Agency. Though, the documents unsealed on Monday didn’t confirm any links to the Chinese state.
The US intelligence investigators had concluded that the three Chinese hackers who were charged in Pittsburgh were working for a Chinese intelligence firm as contractors, though court documents deny any of the thefts were sponsored by China.
A major flaw in the security of businesses which often results in the stolen information and unauthorised access is the lack of a barrier between the internet and the server says DigitalOcean, a security consulting firm.
Utilising a server-wide VPN eliminates the risk of a ‘man-in-the-middle’ attack and removing the ability of a hacker to “imitate a server in your infrastructure to intercept traffic,” DigitalOcean says. It’s also important to note that the VPN service protecting the corporate servers should be kept running so that your servers have a map that is only visible to those within the company and no one else.
Ultimately, DigitalOcean’s suggested use of corporate and business-wide VPNs is your sure-fire way to ensure that, “only services that are meant to be consumable by clients on the public internet need to be exposed on the public network,” and everything else is hidden from view.
Back in 2015 during the Obama administration, Barack Obama made a deal with Chinese President Xi Jinping prohibiting both the US and China from hacking, stealing or access intellectual property with the purpose of giving an edge to domestic companies.
Data collected by US intelligence agencies has revealed that in recent months the number of Chinese-based hacks and data theft has risen to the conclusion that China has broken the agreement, but there isn’t currently enough evidence to publicly address the situation and call out China for their government’s role in the alleged hacks and data theft.
Although the Obama administrations officials commended its actions on China to reduce cyberattacks and data theft, there are now reports that the agreement did little, to nothing at all to stop the attacks and illegal cyber activity. Towards the end of Obama’s administration, officials had noted that Chinese cyber activity was at levels higher than before the agreement and that China may also be assisting North Korea in collecting sensitive US data.
Post Views: 776