Cyber wrap
30 Mar 2016

The US Department of Justice (DoJ) continues to dominate headlines this week, as the Apple v FBI case ends, a Chinese national admits to stealing US military secrets and seven Iranian hackers are indicted. As foreshadowed last week, the DoJ announced on Tuesday that it had found a way to unlock San Bernardino gunman Sayed Farook’s iPhone without Apple’s assistance, and subsequently dropped its case against Apple. We don’t know anything about the company that assisted the FBI to unlock the iPhone or how they did it, and government officials won’t be drawn on whether they will share the information with Apple. Over at the Council on Foreign Relations, Robert Knake points out that since such vulnerabilities are worth big money, it’s possible the third party that unlocked the phone may not even tell the FBI how they did it, let alone Apple—unless some cash is coughed up.

Last Thursday, a Chinese national pled guilty in a US court to assisting cyber espionage efforts targeting US defence contractors including aviation giants Boeing and Lockheed Martin. Chinese aviation expert Su Bin was arrested in Canada in 2014 and, after making a deal with prosecutors, was extradited to the US earlier this year. Su admitted that since 2008 he had been working with two other people in China to steal US military secrets, by identifying key individuals for his co-conspirators to target, providing guidance on what information should be stolen and translating useful documents into Chinese. This included detailed information on the C17 transport aircraft currently operated by the RAAF, and the F‑35 fighter aircraft that will enter RAAF service in 2018. Su claimed he was motivated by money, but Chinese state-backed media has suggested that regardless of his motivation Su deserves respect and praise for his work to assist China.

And last Friday the DoJ indicted seven Iranian hackers for Distributed Denial of Service (DDoS) attacks on the US financial sector in 2011 as well as on the online controls of a New York dam in 2013. The indictment alleges that the seven men, who work for two private Iranian IT firms, performed the attacks on behalf of the Iranian government, including the Islamic Revolutionary Guard Corps. It included DDoS attacks on 46 major financial institutions over 176 days, resulting in tens of millions of dollars’ worth of remediation costs. One of the indicted, Hamid Firoozi, also allegedly accessed the Supervisory Control and Data Acquisition (SCADA) system of a dam that controls water flows near Rye Brook in New York. No physical damage occurred, possibly because the sluice gate that controls water flow had been disconnected from the SCADA system for maintenance. Like the previous indictment of five PLA officers accused of hacking, this indictment is unlikely to see the accused men face court in the US, but rather is intended as a ‘name and shame’ exercise to show that the US believes it knows who conducted the attacks and to deter those responsible from travelling overseas.

Despite the continued tension between the US and China regarding cyber security, the Chinese government still needs to deal with major US firms like Microsoft to fulfil its IT needs. Microsoft China has reportedly worked with China’s Electronics Technology Group Corporation to modify Windows 10 for the Chinese government. The ‘specially provided edition’ of the popular operating system apparently removes many consumer-focused apps but increases the number of management and security features. China has also been working on a Linux-based operating system called NeoKylin; however, Microsoft is unlikely to lose market share to its Chinese rival in the near future. Also from China this week comes news of the establishment of the Cyber Security Association of China. According to state media, the Association, which is made up of major Chinese tech firms such as Alibaba and major academic and research institutes, is intended to ‘organise and mobilise forces in all aspects of society to participate in building China’s cybersecurity’.