News Corp revealed this week that data belonging to its journalists had been stolen in an attack which has been pinned on Chinese hackers. Cyber hostilities between the US and China have been ramping up in recent weeks, with the director of the FBI using a speech to highlight Beijing’s “thirst for power” and stating the agency is investigating more than 2,000 incidents linked to Chinese gangs. The News Corp breach is likely to be “the tip of the iceberg” in this respect, experts told Tech Monitor.
In an SEC filing, News Corp, which owns titles including The Times and the Wall Street Journal, said its journalists have been “the target of persistent cyberattack activity”. Mandiant, the company brought in to investigate the breach, which was first discovered last month, believe it to be the work of Chinese hackers “involved in espionage activities to collect intelligence to benefit China’s interests”. The disclosure came days after Christopher Wray, director of the FBI, used a speech to highlight the Chinese government’s “thirst for power” and the role cyberattacks play in this.
The US and the Chinese cyber threat
Cyber espionage campaigns such as these have been increasing in number and severity since 2019, when China reportedly boosted its cyber warfare capabilities. The Belfer Center National Cyber Power Index states that it was at this point that the country moved from a period of development to “a deep and integrated digitisation of the economy and society”. It was also at this point that the FBI ramped up its monitoring efforts on China.
“The United States intelligence agencies have definitely applied more effort into monitoring the threat from China in the last few years,” says Greg Austin, senior fellow for cyberspace and future conflict at think tank the IISS. “And the Chinese are probably putting more money into [cyber] themselves.”
In his speech, Wray said the Bureau opens a new counterintelligence case against China about twice a day. “There is just no country that presents a broader threat to our ideas, our innovation, and our economic security than China,” he added.
The News Corp hack: another Hafnium?
Comparisons have been drawn between the News Corp breach and the large-scale Hafnium attack on Microsoft Exchange servers discovered in January of 2021, which caused damage far beyond the data theft reported by News Corp. “China consistently denied responsibility for the Hafnium attack, and is so far consistently denying responsibility for the attack on News Corp,” says Toby Lewis, global head of threat analysis at cybersecurity company Darktrace. “But many of the hallmarks are there”.
Lewis believes it is likely the News Corp attack was ongoing for some time before it was spotted, which allowed the criminals to mine a stack of information. This reportedly included WSJ documents relating to China’s interest in Taiwan and its treatment of Uyghur Muslims, as well as information pertaining to President Joe Biden and vice president Kamala Harris.
– Chinese spies mined WSJ Google docs about Taiwan, Uyghurs, tech regulation, Biden + Harris
– Scores of reporters were personally notified their files were hacked
– Some told documents related to 20 or more of their stories were breachedhttps://t.co/DQQQfD4uGD
— Dustin Volz (@dnvolz) February 5, 2022
“Attacks that are detected have failed or became too big to hide in the noise,” Lewis says, adding that many more Chinese attempts to breach US companies and institutions go unreported. “Certainly the threats we see gaining news coverage are just the tip of the iceberg, much more espionage will be going on undetected,” he says.
But although the hacks continue, the US and China are equally hesitant to move decisively towards all-out cyberwar, Austin argues. “They want to move in that direction, but we know that each of those countries regard themselves as quite vulnerable in cyberspace,” he says. This means attacks by criminal gangs, with the tacit backing of the authorities in Beijing are likely to continue to escalate. “All advanced economies, China included, are becoming more effective at cyber espionage,” Austin says. “This is a predictable evolution. Criminals and States find new ways”.