Rantburg

Today's Front Page   View All of Wed 05/28/2025 View Tue 05/27/2025 View Mon 05/26/2025 View Sun 05/25/2025 View Sat 05/24/2025 View Fri 05/23/2025 View Thu 05/22/2025
2017-04-22 China-Japan-Koreas
China Using Hackers to Target U.S. Missile Defense in South Korea
[LI] I’ve chronicled China’s opposition to the Terminal High-Altitude Area Defense (THAAD), the U.S. missile-defense system in South Korea. The Chinese government has denied retaliating against the system, but one American cybersecurity firm told The Wall Street Journal that it found evidence that Beijing has used hackers to target THAAD.

The firm FireEye discovered that "two cyberespionage groups that the firm linked to Beijing’s military and intelligence agencies have launched a variety of attacks against South Korea’s government, military, defense companies and a big conglomerate."

FireEye admitted that Chinese hackers often target South Korea, but their activity has grown since South Korea announced the deployment of THAAD. WSJ continued:
One of the two hacker groups, which FireEye dubbed Tonto Team, is tied to China’s military and based out of the northeastern Chinese city of Shenyang, where North Korean hackers are also known to be active, said Mr. [John] Hultquist, a former senior U.S. intelligence analyst. FireEye believes the other, known as APT10, may be linked to other Chinese military or intelligence units.

The two hacking groups with alleged ties to Beijing have been joined by other so-called hacktivists--patriotic Chinese hackers acting independently of the government and using names like the "Panda Intelligence Bureau" and the "Denounce Lotte Group," Mr. Hultquist said.

South Korea’s Lotte Group has become a particular focus of Chinese ire after the conglomerate approved a land swap this year that allowed the government to deploy a Thaad battery on a company golf course.

Last month, just after the land swap was approved, a Lotte duty-free shopping website was crippled by a denial-of-service attack, said a company spokeswoman, who added that its Chinese website had been disrupted with a virus in February. She declined to comment on its source.

Hultquist explained to WSJ that the hackers use "web-based intrusions" in order to gain access into the systems. This means they lure "people to click on weaponized email attachments or compromised websites." In other words, phishing.

Russia’s Kaspersky Lab ZAO also noticed more attacks on South Korea from hackers using malware "developed by Chinese speakers in February." Park Seong-su, a senior global researcher with the company, said those the firm observed also used "spear-phishing emails armed with malware hidden in documents related to national security."

South Korea Response
Last month, the South Korean Ministry of Foreign Affairs stated that hackers targeted its website "in a denial-of-service attack-one in which a flood of hacker-directed computers cripple a website-that originated in China."

The spokesman said that officials took "prompt defensive measure" to make sure the attacks did not cause any harm. Officials have also started an "emergency service system" to fight off the Chinese hackers.

However, the government did not offer more details. The spokesman also did not name the firm the government used to track down the hackers or if the hackers meant to target THAAD.
Posted by Besoeker 2017-04-22 07:57|| || Front Page|| [11132 views ]  Top
 File under: Commies 

#1 In my opinion, any hope of China supporting a 'one Korea' effort is delusional. We appear to have forgotten what took place in Nov of 1950:

On Nov. 25-26, 1950, the Chinese Army entered the Korean War in earnest with a violent attack against the American and United Nations forces in North Korea. The 300,000-man Chinese offensive caught the U.N. forces off guard, largely because of U.S. Gen. Douglas MacArthur's belief that China would not openly enter the war, and vastly expanded the conflict.

Link
Posted by Besoeker 2017-04-22 08:04||   2017-04-22 08:04|| Front Page Top

#2 
Posted by Crinegum Ulaigum2776 2017-04-22 08:43||   2017-04-22 08:43|| Front Page Top

#3 "All I know is the THAAD was streaming Netflix off the internet and then...the screen went blank"
Posted by Frank G 2017-04-22 09:08||   2017-04-22 09:08|| Front Page Top

#4 The Chinese like their chauvinistic history. Appeals to their tribal nature. Remind them that the North was once a largely a quasi-Chinese owned and operated Kingdom. Silla, today much of South Korea, not so much, far more autonomous.
Posted by Procopius2k 2017-04-22 09:10||   2017-04-22 09:10|| Front Page Top

#5 Besoeker likely has the right of it.
Posted by 3dc 2017-04-22 10:55||   2017-04-22 10:55|| Front Page Top

#6 Hildebeest and Obummer got all butt hurt about Russian hacking during the election but the fact is the Chinese have been trying to hack everything on the Internet and then some for years. Obama's policy was to cozy up with the Chinese and pretend nothing was happening. Hopefully the Trump administration can be more realistic.
Posted by Abu Uluque 2017-04-22 13:14||   2017-04-22 13:14|| Front Page Top

07:43 Procopius2k
07:42 BrerRabbit
07:42 Procopius2k
07:39 Procopius2k
07:36 Procopius2k
07:35 Procopius2k
07:34 trailing wife
07:31 Procopius2k
07:30 NN2N1
07:22 NN2N1
07:18 trailing wife
07:14 Richard Aubrey
07:10 NN2N1
07:09 Besoeker
07:03 NN2N1
06:58 NN2N1
06:58 Besoeker
05:28 Whiskey Mike
05:23 Whiskey Mike
05:21 Whiskey Mike
05:18 Whiskey Mike
05:15 Whiskey Mike
05:13 Whiskey Mike
05:08 Whiskey Mike









Paypal:
Google
Search WWW Search rantburg.com