Researchers and analysts from the Mandiant division of Google have discovered that, over the past year, Chinese state-sponsored hackers have been infiltrating systems that usually aren't the targets of cyber espionage, presenting a whole new level of ingenuity and sophistication from Chinese state-sponsored cyberattacks.
According to the researchers, instead of infiltrating systems behind strong corporate firewalls, Chinese hackers are targeting devices on the edge of the network, sometimes the firewalls themselves, as well as software built by other companies that runs on computers that don't usually use antivirus or endpoint detection software, which would provide an extra level of security against attempted cyberattacks.
These attacks routinely exploit previously undiscovered flaws in software, according to Charles Carmakal, chief technology officer of Mandiant. These new methods of cyberattacks have become "a lot harder for us to investigate," he said.
"And it is certainly exponentially harder for victims to discover these intrusions on their own," Carmakal added. "Even with our hunting techniques, it's hard for them to find it."
Carmakal further noted that the scope of Chinese intrusion into American and Western targets is likely far broader than what Mandiant has discovered due to the extreme levels of stealth and sophistication employed by the intrusion attempts.
"There is a lot of intrusion activity going undetected," Carmakal warned.
Mandiant has linked the new wave of cyberattacks to a suspected China-nexus hacking group because of the profile of some of its victims, including some who have been hit repeatedly by a "high degree of novel tradecraft and sophistication." The resources necessary for these kinds of cyberattacks strongly suggest some kind of state sponsorship.
Furthermore, the Mandiant analysts have been able to identify obscure malware code only known to have been used by threat actors based out of China.
For its part, China routinely denies hacking into businesses or government data portals. The communist nation instead accuses the United States and its allies of sponsoring cyberattacks.
Senior U.S. officials have long viewed the Chinese Communist Party as the nation's top cyber espionage threat and have for years been alarmed at the relative success Chinese hacking groups have had in compromising the classified data of military targets and defense contractors, with the goal being the theft of advanced military technology.
Intelligence agencies have come to the same conclusion as Mandiant, observing that the tradecraft of suspected Chinese state-sponsored hacking groups has improved drastically in recent years.
In one annual worldwide threat assessment, U.S. officials noted that China "probably currently represents the broadest, most active and persistent cyber espionage threat to U.S. government and private sector networks."