"He has made a career out of committing these crimes against foreign companies, all with the assumption that he would never face consequences for his actions." "Xu engaged in a wide reaching pattern of deception, computer hacking, and theft," prosecutors wrote in court documents ahead of Wednesday's sentencing. Prosecutors said he arranged and paid for apparently unwitting industry experts to travel to China in an attempt to obtain the information. He was accused of identifying specific aviation technology sought by the Chinese government and working with other MSS officers to co-opt executives of foreign technology companies and work to extract the desired information from them.Īt times using aliases and acting under the guise of Chinese universities, Xu tried to steal technology related to GE Aviation's composite aircraft engine fan, which has not been duplicated by any other company in the world, the Justice Department said. Yanjun Xu, a deputy division director of China's intelligence arm, known as the Ministry of State Security (MSS), was indicted in 2018. Washington - A Chinese intelligence officer convicted of economic espionage and stealing aviation trade secrets from companies including General Electric (GE) was sentenced to 20 years in federal prison on Wednesday, one year after a jury in Ohio convicted him on all counts. ET: This article was updated with comment from Palo Alto Networks.Biden, Xi attempt to calm tensions between U.S. The company said the group, known as UNC1945 or LightBasin, has been active since at least 2016. cybersecurity firm Crowdstrike said a hacking group with suspected ties to China compromised calling records and text messages across the globe. "Two of the tools used in the attack are open source and were designed for Chinese language users," added Olson, noting that the group is yet to make a "conclusive attribution" to a threat group for the campaign. 
Ryan Olson, VP Threat Intelligence, Unit 42 at Palo Alto Networks, said in a statement to Newsweek that "based on the tools and techniques used in this campaign we see an overlap with EmissaryPanda/APT27." It has also staged attacks in Asia and the Middle East. It has previously targeted entities worldwide, including defense contractors in the U.S. "While the webshells and exploits differ, once the actors achieved access into the environment, we noted an overlap in some of their exfiltration tooling." Emissary Panda, which has links to the Chinese government, has been active since at least 2010. "Specifically, as documented by SecureWorks in an article on a previous TG-3390 operation, we can see that TG-3390 similarly used web exploitation and another popular Chinese webshell called ChinaChopper for their initial footholds before leveraging legitimate stolen credentials for lateral movement and attacks on a domain controller," Palo Alto Networks explained in its report. The cybersecurity firm noted that while attribution is still ongoing, specific tools and methods used in the apparent hacking efforts are in line with those used by Chinese cyber-espionage group Emissary Panda, also known as TG-3390, APT 27 and Bronze Union. "Ultimately, the actor was interested in stealing credentials, maintaining access and gathering sensitive files from victim networks for exfiltration," Palo Alto Networks noted. The hacking group was able to compromise the entities by exploiting vulnerabilities in software used to manage network passwords, known as ManageEngine ADSelfService Plus, the post said.