Don’t you wish that Chuck Norris came out of retirement and took on the Chinese cyber hackers?
First let us set the stage:
We discussed the ‘awakening moment’ of Chinese hacking into American companies in a past blog post:
Here is the post https://oversitesentry.com/china-attacks-and-we-do-nothing-for-most-part/ (I like to show you the full link so you are not surprised where you are going)
In 2006 Mandiant (which was purchased by FireEye) observed that APT1 compromised 141 companies spanning 20 major industries.
APT1 (Advanced Persistent Threat) was software developed by China’s Unit 61398 (a PLA – People’s Liberation Army organization) to specifically infiltrate western companies.
In fact, 61398 accessed a victim’s (companies in US) network for 1764 days, or for 4 years and 10 months.
Mandiant even cautioned that the evidence they uncovered is only the start of an investigation and there may be many more breaches and infiltrations. This information was only based on 91 of 141 victim organizations. In the remaining cases, APT1 activity is either ongoing or Mandiant does not have visibility into the last known APT1 activity in the network.
Here is a telling quote:
“Once APT1 has established access, they periodically revisit the victim’s network over several months or years and steal broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contact lists from victim organizations’ leadership.”
Thus let us say that this is now considered ‘true evidence of history’, i.e. China conducted sophisticated cyber-espionage for years, accumulating information and data (intellectual property and more) so they can use it in the future.
In my mind there is a higher chance that the SolarWinds breach was done by the Chinese, who are now faking the attribution to Russia (or some of our CIA/FBI do not want to attribute the attack to China). These are classic Chinese tactics to deal with the ‘bigger’ rival within the sky or 天空, as everyone knows from the Warring States period in history from ancient.eu ¹
From 482/403 BCE – 221 BCE. This was an era of many kingdoms for the Chinese people in general. Notice that it has a couple of different starting periods and ended with a single empire taking control of the whole country. The Han, Wei, and Zhao were officially recognized, although there were more major states (7) at one time. The bottom line is that the natural order of things according to Chinese history is for 1 entity to take control.
The Han Chinese are today espousing the same thing: there can only be one sun in the sky, so it will be the Han Chinese of course. This is common knowledge to the history student, and thus we know that China is hacking everyone because they have to, so they can be the final country standing after the conflict is over. And in classic Sun Tzu style: always lie, cheat and fake your way if you can, so that a direct confrontation can be avoided as long as possible.
These facts make me wonder if the SolarWinds hack was actually the Chinese. And this is why I believe in following the historical precedents and keeping the attribution open to many possibilities. Attribution is always difficult.
Humans in general have a tendency to exaggerate at the most inopportune times… is this one of them?
What did Chuck Norris say to the hackers? “While you were attacking me I already hacked you, so now I know what you are doing. My recommendation is to give yourself up now before I reach across the wire and give you my trademark roundhouse kick.”
My book will uncover the world of Chinese hacking to you a bit more.
¹ Cartwright, M. (2017, July 12). Warring States Period. Ancient History Encyclopedia. Retrieved from https://www.ancient.eu/Warring_States_Period/