- Security TWENTY
- Women in Security
A group known as APT 10 acted on behalf of the Chinese Ministry of State Security to carry out a malicious cyber campaign targeting intellectual property and sensitive commercial data in Europe, Asia and the United States, says the UK Foreign Office.
The UK’s National Cyber Security Centre (NCSC) assesses with the highest level of probability that the group widely known as APT 10 is responsible for this sustained cyber campaign focused on large-scale service providers, the FO says.
Foreign Secretary, Jeremy Hunt said: “This campaign is one of the most significant and widespread cyber intrusions against the UK and allies uncovered to date, targeting trade secrets and economies around the world. These activities must stop. They go against the commitments made to the UK in 2015, and, as part of the G20, not to conduct or support cyber-enabled theft of intellectual property or trade secrets.
“Our message to governments prepared to enable these activities is clear: together with our allies, we will expose your actions and take other necessary steps to ensure the rule of law is upheld.”
Such a blunt naming of a foreign country as being behind cyber-attack makes a contrast from the authorities’ previous coyness; but is in line with an earlier similar condemnation of Russia, or to be precise attributing attacks including NotPetya, the WADA hack and leak and BadRabbit to the GRU (Russian Military Intelligence).
Malcolm Taylor, Director of Cyber Advisory at cyber firm ITC Secure said: “In many ways this isn’t news. In truth the second oldest profession has moved from street corners and traditional SIGINT into the world of cyber; countries now conduct espionage through cyber attacks. There are, though, some very important caveats to that.
“Firstly, it’s clear that the UK and US believe that China are using state intelligence capability to target western companies. All companies have incredibly valuable things to protect – but far from all of them protect their secrets as they should. This is yet another reminder that companies of all sizes across different sectors should take all the necessary steps to protect themselves.
“Secondly, it’s a fascinating diplomatic move to go public now. It comes after the Huawei affair, the apparently reactive arrests in China of Canadian business people, and the trade war, and it looks like an extension of those by other means. The US and the UK have gone public with Russia recently, over the botched GRU activity in the Netherlands. It is slightly surprising to see a similar approach being used for China, and may show the West’s concern at the growing power of China. The Chinese have been very clever; through global investment regimes and soft power and the rapid growth of, and technical ability of, Huawei, they now have a critical presence inside the internet backbone. Has that worried the west, such that now they are responding?”
See also the US Department of Justice website.