“China is a clear and present danger to the world and not just to the United States”

  “China is a clear and present danger to the world and not just to the United States,” Col. 

Stefan Banach, U.S. Army, Retired, told ClearanceJobs.  Banach noted several areas where China presents a serious threat, and this includes China’s pursuit of global social control; how its Pacific Island chain maneuvers are now denying shipping lanes that could impact global commerce and create strategic shipping choke points; China’s massive technology overreach; and its One Belt One Road Strategy to create a new Silk Road to control the global economy….

  “China has a strategy,” added Banach. “They are implementing it indirectly.  They are on course to control global shipping, global technology and the global economy writ large.” “China has a strategy,” added Banach. “They are implementing it indirectly. They are on course to control global shipping, global technology and the global economy writ large.”  https://news.clearancejobs.com/2019/04/19/is-china-using-hacked-opm-data/

…………………….……

10-14-19      In September the Justice Department filed fraud charges against a professor in Texas,

Bo Mao, for allegedly stealing solid-state-drive computer technology from a Silicon Valley startup, CNEX Labs.  Mr. Mao has pleaded not guilty.  Though the criminal case does not explicitly cite Huawei, Mr. Mao was earlier accused of stealing technology for Huawei in a civil suit CNEX filed against the Chinese tech giant.  A jury for the civil case concluded in June that Huawei misappropriated solid-state-drive technology from CNEX.  The civil suit closely parallels the criminal one laid out against Mr. Mao.  It’s reasonable to conclude the civil suit describes the same incidents covered under the criminal charges against Mr. Mao.

  In July an American court found an adjunct professor from the University of California, Los Angeles guilty of penetrating the systems of a company that makes monolithic microwave integrated circuits.  These devices provide the data for enhanced target acquisitions in weapons systems by the Air Force, Navy and Defense Advanced Research Projects Agency. 

  Yi-Chi Shih conspired with a co-defendant to transfer the technology to a company Mr. Shih ran in China, which was gearing up to manufacture the advanced chips.  That company, Chengdu GaStone Technology Co., was placed on the Commerce Department’s Entity List in 2014 because “it had been involved in the illicit procurement of commodities and items for unauthorized military end use in China.”  Mr. Shih faces a sentence of 219 years in prison….

  Perhaps the granddaddy of all recent incidents took place in December when the Justice Department and FBI disclosed that they had broken up a roughly four-year operation by a hacking group known as APT10 in Tianjin, China, which worked with the Ministry of State Security.  APT10 was able to penetrate America’s cloud computing systems using malware that fooled intrusion detection systems.  It was then able to “hop” onto the systems of companies that relied on cloud computing firms, reportedly including IBM, to protect their data.  One of the targets was the U.S. Navy.  APT10 stole the names and personal details of 100,000 naval personnel and also stole ship maintenance information, which could have practical use in any naval showdown in the Pacific….

  Outside security, military and intelligence circles the U.S. has been slow to wake up to the Chinese hacking and espionage campaign because it has been subtle and longterm.  https://www.wsj.com/articles/chinas-techno-kleptomania-11571093919

……………………….

11-6-2018  once X2 had access to OPM systems, they used an Active Directory privilege escalation technique to obtain root access.  This was used to install a variant of the PlugX malware, a remote access tool that allowed the attackers to navigate around OPM's systems and compress and exfiltrate data, on several of OPM servers--including, crucially, the "jumpbox," the administrative server that was used to log into other servers.  Sakula, another linked piece of remote control malware, was installed around the same time.

  As noted, X2's infiltration was finally detected on April 15, 2015, when a security engineer was investigating encrypted SSL traffic on OPM's networks.  The researcher determined a beacon-like ping was connecting a component on OPM's infrastructure called mcutil.dll to a website called opm­security.org   https://www.csoonline.com/article/3318238/the-opm-hack-explained-bad-security-practices-meet-chinas-captain-america.html

………………...................................…

10-31-18  The five-year conspiracy was led by Zha Rong, a division director of the Jiangsu Province Ministry of State Security, and Chai Meng, a section chief — both supervisors overseeing human intelligence and intellectual property theft operations within the ranks of the Chinese government, according to the indictment….

  In September a Chicago federal grand jury indicted a Chinese-born U.S. Army Reserves soldier who is accused of working as an agent for the same intelligence group.  His role was to help recruit Chinese nationals working in the U.S. as scientists and engineers to become spies, according to the indictment.  

  On Thursday arrest warrants were issued for 10 people in the most recent case, however, all defendants are believed to be in China….The officers are accused of deploying a group of hackers to steal information on the technology of a turbofan engine being developed by an unnamed French aerospace manufacturer and a U.S.-based company.…

  The conspiracy also used two insiders working for the French aerospace company to operate as moles, according to the indictment.  The company had offices in Suzhou, Jinagsu province.

  In November 2013, an intelligence officer told Tian Xi, a product manager for the French company:  "I'll bring the (Trojan) horse (malware) to you tonight.  Can you take the Frenchmen out to dinner tonight?  I'll pretend I bump into you at the restaurant to say hello.  This way we don't need to meet in Shanghai," the indictment states.  https://www.govtech.com/security/Alleged-Chinese-Spies-Indicted-in-US-Aircraft-Tech-Hacking-Case.html

……………………..…

1-11-19   And in U.S. v. Wang Dong a group of hackers within China’s People’s Liberation Army were charged with hacking computers over the course of eight years to obtain information from steel, specialty metals, nuclear power plant and solar companies in the U.S. that would be useful to Chinese competitors.  Although it has not been possible to extradite these hackers (there is no U.S.-China extradition treaty) or otherwise bring them to face charges, the indictments led to a U.S.-China agreement that neither side would “conduct or knowingly support cyber-enabled theft of intellectual property.”  In addition, more recent cases have focused on trade secret theft involving computer crime and so-called “human source” compromises.  https://finance.yahoo.com/news/u-pursuit-nation-state-hackers-120015612.html

……………………..

10-30-18  Chinese Intelligence Officers and Their Recruited Hackers and Insiders Conspired to Steal Sensitive Commercial Aviation and Technological Data for Years  https://www.justice.gov/opa/pr/chinese-intelligence-officers-and-their-recruited-hackers-and-insiders-conspired-steal

…...............................................…

-The external casing for aircraft engines hang on the production line at the Rolls-Royce Holdings Plc factory in Derby, UK, in August 2015. 

………............................................

7-26-19    As a result of this process of retrieving personal information, Intrusion Truth has concluded that a man and two other hackers are behind APT 17.  Further to help hide the activities of the group the man in charge, believed to be an officer of the Chinese Ministry of State Security (MSS), owns four shell companies.  All three of them operate in the city of

Jinan, the capital of China's Shandong province.  Intrusion Truth has also published articles on both Mr. Wang and Mr. Zeng with both articles helping further illuminate the companies run by APT 17. The companies have been used as a front are Jinan Quanxin Fangyuan Technology Co. Ltd., Jinan Anchuang Information Technology Co. Ltd., Jinan Fanglang Information Technology Co. Ltd., and RealSOI Computer Network Technology Co. Ltd. Not only has Intrusion Truth been able to uncover the companies behind the operations but also the names of those involved.

  The MSS officer, according to Intrusion Truth, is one Guo Lin. The two hackers are Wang Qingwei, a representative of the Jinan Fanglang Company, and Zeng Xiaoyong, the individual behind the online profile “envymask”. The link to Zeng Xiaoyong was made by similarities in the code used in the malware ZoxRPC and Zeng’s code. Analyzed by Novetta and the code used by Zeng was also found in the malware MS08-067, a variant which “envymask” apparently created and claimed responsibility for. The evidence against Zeng was used to link the active players behind APT 17, which started life out been called “missll”  

https://www.pcrisk.com/internet-threat-news/15473-apt-17-unmasked

.................................

11-30-17   The Chinese regime officially handed down a five-year jail sentence to conclude the show trial of

 Lee Ming-che, a Taiwanese activist who has been imprisoned in China since March of this year.  Among other things, Lee was accused of using WeChat and other messaging apps to spread “subversive” messages, such as those promoting democracy in China.   The 42-year-old Lee disappeared in late March 2017 when he attempted to enter China via Zhuhai, in Guangdong Province, from Macau....As is typical with how criminal justice works in China, nowhere in the recorded video did Lee’s court-assigned attorney speak in Lee’s defense nor attempt to reduce the sentence.  https://www.google.com/url?sa=i&url=https%3A%2F%2Fm.theepochtimes.com%2Fchinese-regime-sentences-taiwan-activist-to-five-years-in-prison-for-discussing-democracy-on-facebook-and-wechat_2370771.html&psig=AOvVaw1iREaSUqeWh9naMT9AKand&ust=1571189021925000&source=images&cd=vfe&ved=0CA0QjhxqFwoTCNCr9K-NneUCFQAAAAAdAAAAABAh