Latest news with #FSB
Time of India
9 hours ago
- Politics
- Time of India
Is Beijing spying on Moscow? Chinese hackers target Russian agencies for war secrets: Report
Cybersecurity experts have uncovered that state-backed Chinese groups have been infiltrating Russian networks since the beginning of the Ukraine conflict, all in pursuit of sensitive military data. Although the two nations maintain a 'no-limits' partnership, a leaked FSB document indicates Russia's increasing unease regarding Chinese surveillance activities, even categorizing China as a potential adversary. Chinese state-affiliated groups have been reportedly hacking Russian government agencies and companies since the Ukraine war began, seeking military intelligence, according to cybersecurity analysts. According to NYT report, The cyber campaign intensified in May 2022, shortly after Russia's full-scale invasion of Ukraine, even as Presidents Xi Jinping and Vladimir Putin touted an unprecedented era of cooperation between their nations. In one notable incident in 2023, a Chinese group called Sanyo masqueraded as representatives of a major Russian engineering firm to gather intelligence about nuclear submarines, according to findings by TeamT5, a Taiwanese cybersecurity research firm. While China's military and technological capabilities surpass Russia's, Chinese military strategists have long noted their forces' lack of actual combat experience. The Ukraine conflict presents Beijing with an opportunity to study modern warfare tactics and Western military equipment's effectiveness, experts say. A classified FSB (Russia's domestic security agency) counterintelligence document obtained by The New York Times reveals Moscow's growing concerns about Chinese espionage. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Install the Perfect Pool at Home – Start Here Backyard Pool | Search Ads Learn More Undo The document explicitly labels China an "enemy" and acknowledges Beijing's efforts to acquire Russian defence technology and learn from its military operations in Ukraine. The relationship appears more complex than the publicly proclaimed "no-limits" partnership. While Russia has become increasingly dependent on China for oil exports and war-critical technology amid Western sanctions, the extent of Chinese cyber operations suggests significant mutual distrust. Though allies, both are occasionally known to engage in espionage against each other, the scale of China's cyber campaign against Russia indicates both deeper suspicion between the powers and Moscow's reluctance to fully share its battlefield insights from Ukraine.
Boston Globe
13 hours ago
- Politics
- Boston Globe
China unleashes hackers against its friend Russia, seeking war secrets
Advertisement China is far wealthier than Russia and has plenty of homegrown scientific and military expertise, but Chinese military experts often lament that Chinese troops lack battlefield experience. Experts say that China sees the war in Ukraine as a chance to collect information about modern warfare tactics, Western weaponry, and what works against them. 'China likely seeks to gather intelligence on Russia's activities, including on its military operation in Ukraine, defense developments, and other geopolitical maneuvers,' said Che Chang, a researcher with TeamT5. It is unclear how successful these attempts have been, partly because Russian officials have never publicly acknowledged these intrusions. But a classified counterintelligence document from Russia's domestic security agency, known as the FSB, makes clear that intelligence officials are concerned. The document, obtained by The New York Times, says that China is seeking Russian defense expertise and technology and is trying to learn from Russia's military experience in Ukraine. The document refers to China as an 'enemy.' Advertisement With Putin largely cut off from the West, his country has come to rely on China to buy its oil and sell it technology that is essential to its war effort. Moscow and Beijing have formed a bloc against Washington and its allies, alarming Western leaders. The FSB document presents a more complicated relationship than the 'no-limits' partnership that Xi and Putin describe. Allies have been known to spy on one another, but the extent of China's hacking activities against Russia suggests both a higher level of mutual distrust and a reluctance by the Kremlin to share all that it is learning on the battlefield in Ukraine. Drone warfare and software are of particular interest to China, the document says. 'The war in Ukraine fundamentally shifted intelligence priorities for both countries,' said Itay Cohen, a senior researcher with cybersecurity firm Palo Alto Networks who has followed Chinese hacking groups for years. Experts say, and the document indicates, that China wants to learn from Russia's war experience to bolster its own preparedness for potential future conflicts. Taiwan, in particular, is a major potential flashpoint with the West. One Chinese government-funded group has targeted Rostec, the powerful Russian state-owned defense conglomerate, seeking information on satellite communications, radar and electronic warfare, according to Palo Alto Networks. Others have used malicious files, intended to exploit vulnerabilities in Microsoft Word, to penetrate Russian aviation industry targets and state bodies. Advertisement Messages seeking comment were left with the Kremlin and the Chinese Embassy in Moscow. Not all Chinese hacking groups operate at the behest of the government. But security experts have seen evidence of government ties. Russian cybersecurity firm Positive Technologies, for example, said in 2023 that cyberattacks had been mounted on several Russian targets, including in the aerospace, private security, and defense sectors. The attackers used a tool known as Deed RAT, which is widely deployed by Chinese state-sponsored hackers. Cybersecurity experts say Deed RAT is considered 'proprietary' among these groups and is not available for purchase on the dark web like other malware tools. That has enabled state-backed hacking groups in China to use it more widely because it is tough for their adversaries to find a way to combat the malware. Chinese state-sponsored hacking groups have often targeted international companies and government institutions, including in the United States and Europe. But hacking groups appear to have become more interested in Russian targets after the country's February 2022 invasion of Ukraine. Chang said he and his colleagues tracked several Chinese hacking groups targeting Russia. Among them was one of the country's most active hacking groups, known as Mustang Panda. Little is known about Mustang Panda's origins or where it operates inside China, according to researchers who have studied the group. Its activities often accompanied China's Belt and Road economic development initiative, according to Rafe Pilling, director of threat intelligence at security firm Sophos. As China invested in development projects in West Africa and Southeast Asia, he said, hacking soon followed. That is most likely because China invests in countries where it has political and economic interests, which motivates state-sponsored hackers, Pilling said. Advertisement After Russia invaded Ukraine, TeamT5 said that Mustang Panda expanded its scope to target governmental organizations in Russia and the European Union. Pilling, who has been monitoring Mustang Panda's activities for several years, says he suspects that the group is backed by China's Ministry of State Security, its main intelligence body. The ministry supports threat groups that attack targets around the world, he said. In 2022, Mustang Panda targeted Russian military officials and border guard units near the Siberian border with China. 'The targeting we've observed tends to be political and military intelligence-gathering,' Pilling said. That is true of all Chinese hacking groups targeting Russia, he said. 'I think of them as being one of the main tools that the Chinese state has for gathering political and economic intelligence.' Mustang Panda has also attracted the attention of US authorities. In January, the Justice Department and the FBI said that Mustang Panda's malware had infected thousands of computer systems, seeking to steal information. Many of the targets were American, but the malware was also found on computers belonging to Chinese dissidents and European and Asian governments, according to a federal indictment. The indictment makes clear that the United States believes that Mustang Panda is a state-sponsored group. Other Chinese groups have targeted Russia, too. Chang said his team was following another threat group, Slime19, that is continuously targeting the Russian government, energy, and defense sectors. In agreements in 2009 and 2015, China and Russia promised not to carry out cyberattacks targeting each other. But even at the time, analysts suggested that the announcement was largely symbolic. Chinese hacking in Russia did not begin with the war in Ukraine. A 2021 cyberattack, for example, targeted Russian submarine designers. But experts say the war prompted a spike in computer intrusions. Advertisement 'The activity — we saw it immediately in the months following Russia's full-scale invasion of Ukraine,' Cohen said. 'Even though the public narrative was of close ties between Russia and China.' This article originally appeared in
Straits Times
14 hours ago
- Business
- Straits Times
China unleashes hackers against its friend Russia, seeking war secrets
The hacking campaign shows that, despite this partnership and years of promises not to hack each other, China sees Russia as a vulnerable target. PHOTO: REUTERS Since the beginning of the war in Ukraine, groups linked to the Chinese government have repeatedly hacked Russian companies and government agencies in an apparent search for military secrets, according to cyber analysts. The intrusions started accelerating in May 2022, just months after Moscow's full-scale invasion. And they have continued steadily, with Chinese groups worming into Russian systems even as President Vladimir Putin of Russia and President Xi Jinping of China publicly professed a momentous era of collaboration and friendship. The hacking campaign shows that, despite this partnership and years of promises not to hack each other, China sees Russia as a vulnerable target. In 2023, one group, known as Sanyo, impersonated the e-mail addresses of a major Russian engineering firm in the hunt for information on nuclear submarines, according to TeamT5, a Taiwan-based cybersecurity research firm that discovered the attack in 2024 and linked it to the Chinese government. China is far wealthier than Russia and has plenty of homegrown scientific and military expertise, but Chinese military experts often lament that Chinese troops lack battlefield experience. Experts say that China sees the war in Ukraine as a chance to collect information about modern warfare tactics, Western weaponry and what works against them. 'China likely seeks to gather intelligence on Russia's activities, including on its military operation in Ukraine, defense developments and other geopolitical maneuvers,' said Mr Che Chang, a researcher with TeamT5. It is unclear how successful these attempts have been, partly because Russian officials have never publicly acknowledged these intrusions. But a classified counterintelligence document from Russia's domestic security agency, known as the FSB, makes clear that intelligence officials are concerned. The document, obtained by The New York Times, says that China is seeking Russian defence expertise and technology and is trying to learn from Russia's military experience in Ukraine. The document refers to China as an 'enemy'. With Mr Putin largely cut off from the West, his country has come to rely on China to buy its oil and sell it technology that is essential to its war effort. Moscow and Beijing have formed a bloc against Washington and its allies, alarming Western leaders. The FSB document presents a more complicated relationship than the 'no-limits' partnership that Mr Xi and Mr Putin describe. Allies have been known to spy on one another, but the extent of China's hacking activities against Russia suggests both a higher level of mutual distrust and a reluctance by the Kremlin to share all that it is learning on the battlefield in Ukraine. Drone warfare and software are of particular interest to China, the document says. 'The war in Ukraine fundamentally shifted intelligence priorities for both countries,' said Mr Itay Cohen, a senior researcher with cybersecurity firm Palo Alto Networks who has followed Chinese hacking groups for years. Experts say, and the document indicates, that China wants to learn from Russia's war experience to bolster its own preparedness for potential future conflicts. Taiwan, in particular, is a major potential flashpoint with the West. One Chinese government-funded group has targeted Rostec, the powerful Russian state-owned defense conglomerate, seeking information on satellite communications, radar and electronic warfare, according to Palo Alto Networks. Others have used malicious files, intended to exploit vulnerabilities in Microsoft Word, to penetrate Russian aviation industry targets and state bodies. Messages seeking comment were left with the Kremlin and the Chinese Embassy in Moscow. Not all Chinese hacking groups operate at the behest of the government. But security experts have seen evidence of government ties. Russian cybersecurity firm Positive Technologies, for example, said in 2023 that cyberattacks had been mounted on several Russian targets, including in the aerospace, private security and defense sectors. The attackers used a tool known as Deed RAT, which is widely deployed by Chinese state-sponsored hackers. Cybersecurity experts say Deed RAT is considered 'proprietary' among these groups and is not available for purchase on the dark web like other malware tools. That has enabled state-backed hacking groups in China to use it more widely because it is tough for their adversaries to find a way to combat the malware. Chinese state-sponsored hacking groups have often targeted international companies and government institutions, including in the United States and Europe. But hacking groups appear to have become more interested in Russian targets after the country's February 2022 invasion of Ukraine. Mr Chang said he and his colleagues tracked several Chinese hacking groups targeting Russia. Among them was one of the country's most active hacking groups, known as Mustang Panda. Little is known about Mustang Panda's origins or where it operates inside China, according to researchers who have studied the group. Its activities often accompanied China's Belt and Road economic development initiative, according to Mr Rafe Pilling, director of threat intelligence at security firm Sophos. As China invested in development projects in West Africa and Southeast Asia, he said, hacking soon followed. That is most likely because China invests in countries where it has political and economic interests, which motivates state-sponsored hackers, Mr Pilling said. After Russia invaded Ukraine, TeamT5 said that Mustang Panda expanded its scope to target governmental organizations in Russia and the European Union. Mr Pilling, who has been monitoring Mustang Panda's activities for several years, says he suspects that the group is backed by China's Ministry of State Security, its main intelligence body. The ministry supports threat groups that attack targets around the world, he said. In 2022, Mustang Panda targeted Russian military officials and border guard units near the Siberian border with China. 'The targeting we've observed tends to be political and military intelligence-gathering,' Mr Pilling said. That is true of all Chinese hacking groups targeting Russia, he said. 'I think of them as being one of the main tools that the Chinese state has for gathering political and economic intelligence.' NYTIMES Join ST's Telegram channel and get the latest breaking news delivered to you.
Time of India
21 hours ago
- Politics
- Time of India
China unleashes hackers against its friend Russia, seeking war secrets
Since the beginning of the war in Ukraine, groups linked to the Chinese government have repeatedly hacked Russian companies and government agencies in an apparent search for military secrets, according to cyber analysts. The intrusions started accelerating in May 2022, just months after Moscow's full-scale invasion. And they have continued steadily, with Chinese groups worming into Russian systems even as President Vladimir Putin of Russia and President Xi Jinping of China publicly professed a momentous era of collaboration and friendship. The hacking campaign shows that, despite this partnership and years of promises not to hack each other, China sees Russia as a vulnerable target. In 2023, one group, known as Sanyo, impersonated the email addresses of a major Russian engineering firm in the hunt for information on nuclear submarines, according to TeamT5, a Taiwan-based cybersecurity research firm that discovered the attack last year and linked it to the Chinese government. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like ¿La recuerdas? Es triste ver cómo vive hoy en día Boite A Scoop Undo China is far wealthier than Russia and has plenty of homegrown scientific and military expertise, but Chinese military experts often lament that Chinese troops lack battlefield experience. Experts say that China sees the war in Ukraine as a chance to collect information about modern warfare tactics, Western weaponry and what works against them. "China likely seeks to gather intelligence on Russia's activities, including on its military operation in Ukraine, defense developments and other geopolitical manoeuvres," said Che Chang, a researcher with TeamT5. Live Events It is unclear how successful these attempts have been, partly because Russian officials have never publicly acknowledged these intrusions. But a classified counterintelligence document from Russia's domestic security agency, known as the FSB, makes clear that intelligence officials are concerned. The document, obtained by The New York Times, says that China is seeking Russian defence expertise and technology and is trying to learn from Russia's military experience in Ukraine. The document refers to China as an "enemy." Discover the stories of your interest Blockchain 5 Stories Cyber-safety 7 Stories Fintech 9 Stories E-comm 9 Stories ML 8 Stories Edtech 6 Stories With Putin largely cut off from the West, his country has come to rely on China to buy its oil and sell it technology that is essential to its war effort. Moscow and Beijing have formed a bloc against Washington and its allies, alarming Western leaders. The FSB document presents a more complicated relationship than the "no-limits" partnership that Xi and Putin describe. Allies have been known to spy on one another, but the extent of China's hacking activities against Russia suggests both a higher level of mutual distrust and a reluctance by the Kremlin to share all that it is learning on the battlefield in Ukraine. Drone warfare and software are of particular interest to China, the document says. "The war in Ukraine fundamentally shifted intelligence priorities for both countries," said Itay Cohen, a senior researcher with cybersecurity firm Palo Alto Networks who has followed Chinese hacking groups for years. Experts say, and the document indicates, that China wants to learn from Russia's war experience to bolster its own preparedness for potential future conflicts. Taiwan, in particular, is a major potential flashpoint with the West. One Chinese government-funded group has targeted Rostec, the powerful Russian state-owned defense conglomerate, seeking information on satellite communications, radar and electronic warfare, according to Palo Alto Networks. Others have used malicious files, intended to exploit vulnerabilities in Microsoft Word, to penetrate Russian aviation industry targets and state bodies. Messages seeking comment were left with the Kremlin and the Chinese Embassy in Moscow. Not all Chinese hacking groups operate at the behest of the government. But security experts have seen evidence of government ties. Russian cybersecurity firm Positive Technologies , for example, said in 2023 that cyberattacks had been mounted on several Russian targets, including in the aerospace, private security and defense sectors. The attackers used a tool known as Deed RAT, which is widely deployed by Chinese state-sponsored hackers. Cybersecurity experts say Deed RAT is considered "proprietary" among these groups and is not available for purchase on the dark web like other malware tools. That has enabled state-backed hacking groups in China to use it more widely because it is tough for their adversaries to find a way to combat the malware. Chinese state-sponsored hacking groups have often targeted international companies and government institutions, including in the United States and Europe. But hacking groups appear to have become more interested in Russian targets after the country's February 2022 invasion of Ukraine. Chang said he and his colleagues tracked several Chinese hacking groups targeting Russia. Among them was one of the country's most active hacking groups, known as Mustang Panda. Little is known about Mustang Panda's origins or where it operates inside China, according to researchers who have studied the group. Its activities often accompanied China's Belt and Road economic development initiative, according to Rafe Pilling, director of threat intelligence at security firm Sophos. As China invested in development projects in West Africa and Southeast Asia, he said, hacking soon followed. That is most likely because China invests in countries where it has political and economic interests, which motivates state-sponsored hackers, Pilling said. After Russia invaded Ukraine, TeamT5 said that Mustang Panda expanded its scope to target governmental organizations in Russia and the European Union. Pilling, who has been monitoring Mustang Panda's activities for several years, says he suspects that the group is backed by China's Ministry of State Security, its main intelligence body. The ministry supports threat groups that attack targets around the world, he said. In 2022, Mustang Panda targeted Russian military officials and border guard units near the Siberian border with China. "The targeting we've observed tends to be political and military intelligence-gathering," Pilling said. That is true of all Chinese hacking groups targeting Russia, he said. "I think of them as being one of the main tools that the Chinese state has for gathering political and economic intelligence." Mustang Panda has also attracted the attention of U.S. authorities. In January, the Justice Department and the FBI said that Mustang Panda's malware had infected thousands of computer systems, seeking to steal information. Many of the targets were American, but the malware was also found on computers belonging to Chinese dissidents and European and Asian governments, according to a federal indictment. The indictment makes clear that the United States believes that Mustang Panda is a state-sponsored group. Other Chinese groups have targeted Russia, too. Chang said his team was following another threat group, Slime19, that is continuously targeting the Russian government, energy and defence sectors. In agreements in 2009 and 2015, China and Russia promised not to carry out cyberattacks targeting each other. But even at the time, analysts suggested that the announcement was largely symbolic. Chinese hacking in Russia did not begin with the war in Ukraine. A 2021 cyberattack, for example, targeted Russian submarine designers. But experts say the war prompted a spike in computer intrusions. "The activity -- we saw it immediately in the months following Russia's full-scale invasion of Ukraine," Cohen said. "Even though the public narrative was of close ties between Russia and China."
BBC News
2 days ago
- Business
- BBC News
South Ayrshire Council to abandon controversial tourist tax plan
South Ayrshire Council is set to abandon plans for a tourist tax in the region. The local authority mooted the prospect of charging for overnight stays in a bid to boost its a public consultation into the plan was heavily negative, with only 15% of respondents supporting the proposal compared to 79% critical comments included doubts Ayrshire was attractive enough a location for the levy to work. Officials recommended the plan be abandoned for two years and the decision was agreed at a council meeting on decision is subject to call-in, meaning other councillors have 48 hours to object to the decision before it is finalised. The Federation of Small Businesses (FSB) and the Association of Scotland's Self-Caterers (ASSC) both submitted formal objections to the South Ayrshire proposal, with residents, hotels and B&Bs providing most of the other respondent wrote: "I don't believe that Ayrshire is attractive enough as a destination to warrant a tourist tax/levy."I can see how this works in very popular places like Barcelona or Athens." Many expressed fears that the region's tourist sector was already fragile, and that small businesses would suffer if there was any further financial have reviewed the survey findings, along with developments in other areas, and recommend dropping the project from its transformation programme and not considering development until August 2027 at the said the two year delay will allow time to assess how the levy affects other regions and whether such a scheme could work in South future return to the plan would need a full public consultation and a locally tailored approach, including decisions on rates, exemptions, and use of revenue.A number of other regions in Scotland are looking at similar plans, with Edinburgh councillors deciding to push ahead with a 5% levy earlier this councillors will decide on a similar scheme on approved, tourists will be charged £4.83 per night from January 2027.
