Unraveling the Complex Cyber Landscape of China: China Update August 2023

Intro

Welcome to the China Update, where we summarize curated selections of the latest news on China from open sources and the Communist Party of China's official proclamations. We cover technology, politics, the economy, society, technical innovations, cultural outreach, and international relations.  


Find links to the source materials at assured information.blogspot.com.



From the Editor: Unraveling the Complex Cyber Landscape of China


The implications of cybersecurity for global affairs should not be underestimated in an increasingly interconnected world. As a significant player on the world stage, China stands at the center of several cyber incidents with domestic and international ramifications. This episode delves into recent headlines highlighting China's cyber activities and challenges.


I reviewed approximately one hundred articles in July for the August 2023 edition.  I picked the following themes:


  1. China’s Wuhan Earthquake Center Suffers Cyber-Attack

  2. Think tank calls for monitoring of Chinese AI-enabled products

  3. US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’

  4. Chinese companies evade sanctions, fuel Moscow’s war on Ukraine, says report

  5. Singer detained; company fined 200,000 yuan for undue behavior at show in North China's Shijiazhuang

  6. Chinese Hackers Breached Ambassador’s Email – Report

  7. China's APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware

  8. The next arms race: China leverages AI for an edge in future wars

  9. China issues temporary rules targeting AI-generated content

  10. China boosts R&D for computing power infrastructure amid US technology blockage

  11. China’s J-20 stealth fighter flies with new engines: reports


We explore the cyber incidents, emerging technologies, and geopolitical implications involving China. China's actions significantly affect the global cybersecurity landscape, from cyber espionage and state-sponsored threats to integrating artificial intelligence and machine learning in defense strategies.


This Month’s Overview


The Wuhan Earthquake Monitoring Center in China was recently targeted by a cyber-attack reportedly carried out by a hacker group with an "overseas government background." Preliminary evidence indicates the attack originated from the US, further escalating tensions between the two nations. In related news, the Australian Strategic Policy Institute (ASPI) has raised concerns about potential risks posed by Chinese-made AI-enabled products and advocates for their regulation. They warn these systems could subtly influence society, causing control and privacy issues.


US Senator Ron Wyden has accused Microsoft of "negligent cybersecurity practices," contributing to a thriving Chinese espionage campaign against the US government.

Meanwhile, the Office of the Director of National Intelligence (ODNI) reports that Chinese companies, including state-owned defense firms, are allegedly evading tech sanctions to support Russia's war in Ukraine. However, a contrasting incident has surfaced from Shijiazhuang, where a rock singer was detained for inappropriate behavior during a performance, leading to the suspension and fine of the organizing company. Lastly, a cyber-espionage campaign linked to China has compromised the email accounts of several US government officials, adding more concern to the cybersecurity issue between China and the US.


The Wuhan Earthquake Monitoring Center in China has been the target of a cyber-attack, reportedly carried out by a hacker group with an "overseas government background." The incident was revealed by the Wuhan Municipal Emergency Management Bureau and reported by the Global Times newspaper. The Bureau responded by sealing the affected equipment and reporting the attack to the authorities. Preliminary evidence suggests that the cyber-attack originated from the US, with a Trojan horse program from abroad discovered at the Wuhan Earthquake Monitoring Center. Chinese Foreign Ministry Spokesperson Mao Ning condemned the attack and accused the US government of engaging in malicious cyber operations globally. She also accused the US of "politicizing and weaponizing cybersecurity issues," which she claimed is hampering global efforts to combat cybercrime. This incident comes amid escalating tensions between the US and China, with conflicts extending into the cyber realm.


Key Points:


  1. A cyber-attack targeted the Wuhan Earthquake Monitoring Center in China, believed to be carried out by a hacker group with an "overseas government background."

  2. The Wuhan Municipal Emergency Management Bureau responded by sealing off affected equipment and reporting the attack to authorities.

  3. Preliminary evidence suggests the cyber-attack originated from the US, with a Trojan horse program from abroad discovered at the Monitoring Center.

  4. Chinese Foreign Ministry Spokesperson Mao Ning condemned the attack and accused the US of engaging in malicious cyber operations globally and "politicizing and weaponizing cybersecurity issues."

  5. The incident comes amid escalating tensions between the US and China, with conflicts extending into the cyber realm.


The Australian Strategic Policy Institute (ASPI), a think tank, has raised concerns about the potential risks posed by Chinese-made AI-enabled products, advocating for them to be regulated similarly to Chinese 5G equipment. The ASPI report, titled "De-risking Authoritarian AI," asserts that these AI-enabled products could pose even larger challenges than 5G technology due to their pervasive role in everyday life. The report warns that once these AI systems are in place, they could subtly influence many societal aspects, leading to potential issues with control and privacy. Moreover, the ASPI suggests that consumers or organizations could overlook products from authoritarian nations like China amid the haste to regulate AI. The think tank proposes a three-part framework of auditing, red teaming, and regulation to address this challenge. The report emphasizes the concern over China, given its status as a global technology superpower and its ambition to export effective, competitively priced AI-enabled technology.


Key Points:


  1. The Australian Strategic Policy Institute (ASPI) suggests that Chinese-made AI-enabled products present a similar or greater security risk than 5G equipment and should be regulated similarly.

  2. Once implemented, AI-enabled technologies could subtly but significantly influence daily life, from online behavior to job and credit opportunities, making them difficult to regulate.

  3. The think tank proposed a three-part framework to manage these risks, which includes auditing AI-enabled products for potential threats to essential services, public health, democratic processes, and more.


US Senator Ron Wyden from Oregon has accused Microsoft of "negligent cybersecurity practices" that he claims enabled a successful Chinese espionage campaign against the US government. In a letter to Attorney General Merrick Garland and the heads of CISA and the FTC, Wyden stated that Microsoft "bears significant responsibility" for the M365 cloud hack that began with the theft of a Microsoft encryption key. He alleges that the key theft allowed hackers to create fake authentication tokens, impersonate users, and gain access to Microsoft-hosted consumer accounts, even those protected with multi-factor authentication and strong passwords. Wyden also criticizes Microsoft for not taking responsibility for its role in the SolarWinds hacking campaign and instead blaming federal agencies and customers while promoting its Azure AD product. He calls for a "whole of government effort" to hold Microsoft accountable for its alleged cybersecurity negligence.


Key Points:


  1. US Senator Ron Wyden has accused Microsoft of "negligent cybersecurity practices" that enabled a successful Chinese espionage campaign against the US government.

  2. Wyden claims that Microsoft "bears significant responsibility" for the M365 cloud hack that began with a Microsoft encryption key theft.

  3. The key theft allegedly allowed hackers to create fake authentication tokens, impersonate users, and access Microsoft-hosted consumer accounts.

  4. Wyden criticizes Microsoft for not taking responsibility for its role in the SolarWinds hacking campaign and instead blaming federal agencies and customers.

  5. Wyden calls for a "whole of government effort" to hold Microsoft accountable for its alleged cybersecurity negligence.


According to a report from the Office of the Director of National Intelligence (ODNI), Chinese companies, including state-owned defense companies, are allegedly evading tech sanctions and fueling Russia's war in Ukraine. The report suggests these companies supply Moscow with key technology and dual-use equipment. The report cites both Chinese and Western press, stating that many shell companies and small and medium-sized businesses in Hong Kong serve as receptacles for secondary sales of chips to Russia. The report also indicates that in the first nine months of 2022, China's semiconductor exports to Russia increased by 19 percent year-on-year. Other equipment allegedly sent to Moscow includes drone parts, navigation equipment, jamming technology, and fighter-jet parts from state-owned companies. Despite these allegations, China has repeatedly denied that its companies are sending equipment to Russia in violation of sanctions.


Key Points:


  1. Chinese companies, including state-owned defense companies, are allegedly evading tech sanctions and fueling Russia's war in Ukraine.

  2. The report suggests these companies supply Moscow with key technology and dual-use equipment.

  3. Many shell companies and small and medium-sized businesses in Hong Kong are said to serve as receptacles for secondary sales of chips to Russia.

  4. In the first nine months of 2022, China's semiconductor exports to Russia increased by 19 percent year-on-year.

  5. China has repeatedly denied that its companies are sending equipment to Russia in violation of sanctions.


A rock singer surnamed Ding was detained by police in Shijiazhuang, North China's Hebei Province, for removing his pants during a performance, prompting swift action from local authorities. The company that organized the show, Hebei Hongtang Livehouse, was suspended and fined 200,000 yuan ($28,028) by the local culture and tourism authority for the untoward behavior. After receiving reports of inappropriate behavior at the performance, officials investigated and confirmed the claims, leading to the suspension of the company and the fine. This incident occurred as Shijiazhuang sought to establish itself as the hometown of rock in China, with a series of concerts and pop-up performances planned through October.


Key Points:


  1. A rock singer named Ding was detained for inappropriate behavior during a performance in Shijiazhuang, North China's Hebei Province.

  2. The local culture and tourism authority fined and suspended the show's organizer, Hebei Hongtang Livehouse, for the incident.

  3. Authorities launched an investigation after receiving reports about the undue behavior at the show and confirmed the occurrence of disturbing and immoral acts.

  4. The incident occurred as Shijiazhuang sought to become known as the hometown of rock in China, launching a series of concerts and pop-up performances.

  5. The local authority has pledged to enhance the management of live events to prevent similar occurrences in the future.


A recent report reveals that a cyber-espionage campaign, reportedly traced back to China and disclosed by Microsoft, compromised the government email accounts of the US ambassador to China and other officials. The accounts of Nicholas Burns, the ambassador, and Daniel Kritenbrink, the assistant secretary of state for East Asia, were among those breached. The attackers, known as the Storm-0558 group, are linked to Beijing and are notorious for targeting government agencies for sensitive data and logins. Despite the large scale of the attack, the compromised accounts were reportedly unclassified systems, likely holding little geopolitically significant information.


Key Points:


  1. The government email accounts of the US ambassador to China, Nicholas Burns, and other officials were compromised in a cyber-espionage campaign traced back to China.

  2. The campaign, which Microsoft disclosed, was reportedly carried out by the Beijing-linked Storm-0558 group, known for targeting government agencies for sensitive information and logins.

  3. The attackers accessed customer email accounts via Outlook Web Access in Exchange Online and Outlook.com by forging authentication tokens.

  4. The cyber-espionage campaign may have resulted in the threat group gaining access to hundreds of thousands of government emails.

  5. The compromised accounts were reportedly unclassified systems, suggesting they likely held little geopolitically valuable information.


Researchers have connected two known Android surveillance programs, WyrmSpy and DragonEgg, to China's state-sponsored threat actor APT41. This group is notorious for espionage campaigns against both government agencies and enterprises. Its operations have spanned Asia-Pacific, compromising organizations in Australia, India, and the United States. The link to APT41 rests on two findings: the spyware programs use overlapping Android code signing certificates, and their source code includes a hardcoded command-and-control server address previously linked to APT41. The malware disguises itself within seemingly benign Android applications and then deploys advanced functionality to access device data and run commands received from attacker-controlled servers.


Key Points:


  1. Android surveillance programs WyrmSpy and DragonEgg have been attributed to the Chinese state-sponsored threat actor APT41.

  2. This group, known for its espionage campaigns against government agencies and enterprises, has targeted organizations across the globe.

  3. WyrmSpy and DragonEgg use overlapping Android code signing certificates pointing to the same developers, and the source code for one of them has a hardcoded command-and-control server address previously linked to APT41.

  4. Both malware families disguise themselves as standard Android applications and then deploy advanced functionality to gain device access and execute commands received from attacker-controlled servers.

  5. Basic mobile security hygiene, such as only downloading software from official app stores, is recommended to help protect against such threats.


A Chinese cyber-espionage campaign disclosed by Microsoft last week infiltrated the government email accounts of high-ranking US officials, including the US ambassador to China, Nicholas Burns, and assistant secretary of state for East Asia, Daniel Kritenbrink. These officials join Commerce Department Secretary Gina Raimondo as notable victims of the cyberattack, which Microsoft attributed to the Beijing-associated Storm-0558 group. The threat actors reportedly accessed customer email accounts through Outlook Web Access in Exchange Online and Outlook.com by creating counterfeit authentication tokens. The report claims that someone or some organization may have accessed hundreds of thousands of government emails. However, the compromised accounts were allegedly unclassified systems, likely not containing significant geopolitically useful information.


Key Points:


  1. The Chinese cyber-espionage campaign disclosed by Microsoft infiltrated the government email accounts of high-ranking US officials, including US Ambassador to China Nicholas Burns and assistant secretary of State for East Asia Daniel Kritenbrink.

  2. The campaign, attributed to the Beijing-associated Storm-0558 group, compromised email accounts by creating counterfeit authentication tokens in Outlook Web Access in Exchange Online and Outlook.com.

  3. The threat actors reportedly accessed hundreds of thousands of government emails.

  4. The compromised accounts were allegedly unclassified systems, likely not containing significant geopolitically useful information.

  5. Chinese government spokesperson Liu Pengyu denied the allegations of state-sponsored hacking, emphasizing China's consistent opposition to all forms of cyber-attacks and cyber theft.


According to multiple news reports, China's advanced J-20 stealth fighter jet has reportedly flown with a pair of domestically developed WS-15 engines for the first time, potentially placing it at par or surpassing its US counterparts. Using these new engines would grant the J-20 significant enhancements in thrust, leading to longer range, faster speed, and super-cruise capability, among other tactical advantages. Despite these reports, neither the Chinese military nor the aircraft’s developer has confirmed the event. Initially, the J-20 was powered by Russian AL-31 engines, later moving to domestically developed WS-10 engines.


Key Points:


  1. China's advanced J-20 stealth fighter jet reportedly flew with a pair of domestically developed WS-15 engines for the first time, potentially surpassing its US counterparts.

  2. Using these new engines would provide the J-20 with a substantial boost in thrust, resulting in a longer range, faster speed, and super-cruise capability, among other tactical advantages.

  3. The reports are yet to be confirmed by the Chinese military or the aircraft’s developer.

  4. Russian AL-31 engines initially powered the J-20 before transitioning to domestically developed WS-10 engines.

  5. According to Wang Ya'nan, chief editor of Beijing-based Aerospace Knowledge magazine, China is rapidly catching up in aircraft engine technologies with leading countries like the US.


Summary:


China's Ministry of Industry and Information Technology (MIIT) has announced plans to boost research and development in key products, such as CPUs, GPUs, and servers, in response to increasing technology blockages by the US, including in the cloud computing service sector. The MIIT sees enhancing domestic technological innovation capabilities as essential for ensuring the security of the industrial chain. CAC projects that China's core computing power industry will reach a scale of 4.4 trillion yuan ($613 billion) by 2025, which could expand to 24 trillion yuan when including related industries. China and the US are the top two nations in the Global Computing Index rankings, confirming their leading positions.


Key Points:


  1. China's MIIT plans to strengthen research and development in key products such as CPUs, GPUs, and servers to enhance self-innovation capabilities in core technologies.

  2. The move responds to the US's increased technology blockages, including in the cloud computing service sector.

  3. The emphasis is on strengthening technological innovation and accelerating the implementation of new technologies and products across the industry chain.

  4. China's core computing power industry is expected to reach a scale of 4.4 trillion yuan ($613 billion) by 2025, potentially expanding to 24 trillion yuan when including related industries.

  5. China and the US maintain the top two positions in the Global Computing Index rankings, establishing themselves as frontrunners.

  6. The MIIT has issued various policy documents promoting the construction and application of computing power infrastructure, providing robust policy support for its development.


China is rapidly closing the gap with the U.S. regarding military technology, specifically artificial intelligence and machine learning. China aims to incorporate these cutting-edge technologies into its People's Liberation Army, effectively creating a "world-class" force that could significantly shift the balance of power in the Indo-Pacific region. President Xi Jinping has expressed China's commitment to becoming a global leader in AI by 2030. China has accelerated its defense innovations by removing the barriers between civilian research, commercial sectors, and its military and defense industrial sectors. As the competition heats up, the U.S. has implemented restrictions on semiconductor exports to Beijing, underscoring the critical nature of AI in modern warfare.


Key Points:


  1. China's focus on AI and ML can potentially revolutionize warfare and erode the U.S.'s longstanding military tech superiority.

  2. China is strategically integrating these technologies into the People's Liberation Army, aiming to create a powerful force that could offset U.S. dominance in the Indo-Pacific.

  3. President Xi Jinping announced China's ambitious plan to become the world's leading AI power by 2030.

  4. China's military-civil fusion strategy has been key in speeding up defense innovations, integrating civilian research and commercial sectors with its military and defense industrial sectors.

  5. The U.S.'s decision to impose sweeping restrictions on semiconductor exports to Beijing directly responds to China's tech advancements, demonstrating the critical role AI/ML plays in the future of warfare.


China has taken a step towards regulating its burgeoning artificial intelligence industry by implementing temporary rules for managing generative AI services. A joint directive by the Cyberspace Administration of China (CAC) and six other ministries declared that generative AI must comply with China's laws. Any acts of generating or transmitting illegal content would be stopped immediately, and such content would be deleted. Providers of generative AI technology are also required to offer data processing training in accordance with laws related to intellectual property and personal information protection.


Key Points:


  1. The CAC and six other ministries have issued temporary rules governing generative AI services, aiming to promote the growth of the AI sector, protect national security and the public interest, and safeguard the rights of individuals and entities.

  2. The move signifies China's initial steps towards AI regulation, defining legal boundaries for developing generative AI technology and establishing a foundation for China's participation in the global AI industry's governance.

  3. The temporary rule, effective from August 15, mandates that generative AI must be used in compliance with Chinese laws, and any illegal content generated or transmitted will be immediately halted and deleted.

  4. The rule also specifies that generative AI technology providers must offer specific data processing training, adhering to relevant laws concerning intellectual property and personal data protection.

  5. While the rule will apply to users of generative AI technology who provide text, image, audio, and video content to the Chinese public, it will not apply to AI users in professional organizations including educational, cultural, and research institutes.



Citations:


1. (2023, July 30). China’s Wuhan Earthquake Center Suffers Cyber-Attack. Infosecurity.


2. (2023, July 30). Think tank calls for monitoring of Chinese AI-enabled products. The Register – Security.


3. (2023, July 30). US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’. SecurityWeek.


4. (2023, July 30). Chinese companies evade sanctions, fuel Moscow’s war on Ukraine, says report. The Register – Security.


5. (2023, July 26). Singer detained; company fined 200,000 yuan for undue behavior at show in North China's Shijiazhuang. Global Times.


6. (2023, July 21). Chinese Hackers Breached Ambassador’s Email – Report. Infosecurity.


7. (2023, July 14). China’s J-20 stealth fighter flies with new engines: reports. Global Times.


8. (2023, July 17). China boosts R&D for computing power infrastructure amid US technology blockage. Global Times.


9. (2023, July 17). China issues temporary rules targeting AI-generated content. Global Times.


10. (2023, July 19). The next arms race: China leverages AI for edge in future wars. China News.


11. (2023, July 19). China's APT41 Linked to WyrmSpy, DragonEgg Mobile Spyware. Dark Reading.

