PH wary of Chinese state-backed hackers


    THE government is mindful of the security risks brought about by increased Chinese control of various infrastructures in the country and the reported Chinese state-backed hackers’ cyber attacks and other threats around the world.

    A security company based in the Netherlands called Fox-IT reported last December that a hacking group with links to the Chinese government remained active, quietly targeting companies and government agencies for the last two years. The hackers, likely belonging to a group known as APT20, were harvesting private data after stealing passwords and circumventing two-factor authentication processes designed to prevent such attacks.

    The security company said that the group’s attacks have extended to 10 countries, including the US, United Kingdom, France, Germany and Italy.  The Chinese hackers carried out their international espionage campaign against industries including aviation, construction, finance, health care, insurance, gambling and energy.  Fox-IT said that they had “high confidence that the actor is a Chinese group and that they are likely working to support the interests of the Chinese government.”

    In December 2018, US prosecutors also charged two Chinese nationals for stealing volumes of intellectual property, security clearance details and other records from companies.  This operation, allegedly backed by China’s intelligence services, spanned several years and is considered one of the largest corporate espionage efforts ever.

    Hackers gained access to systems through cloud service providers where companies thought data was securely stored.  Investigators first identified traces of the hack, called Cloud Hopper by security researchers, in 2016.

    A Wall Street Journal investigation has found that the attack was much bigger than previously thought, going way beyond the 14 unnamed companies listed in the indictment, spanning at least a dozen cloud providers, including CGI Group, one of Canada’s largest cloud companies; Tieto Oyj, a major Finnish IT services company; and International Business Machines.

    US government agencies, including the Justice Department, have begun to worry about their own potential exposure, and whether the attacks have positioned the Chinese government to access critical infrastructure, current and former US officials said.

    In the Philippines, the threat level remains high as various industries and military installations are susceptible to Chinese spying and control. For instance, Defense Secretary Delfin Lorenzana warned last year that Philippine offshore gaming operators which largely employ Chinese nationals may shift their operations to spying.

    “It’s very easy for these people to shift their activities to spying, kung mayroon man mag-eespiya (if anyone is spying.) So mabilis lang (it’s fast,)” Lorenzana said.

    This was echoed by National Security Adviser Hermogenes Esperon Jr., who expressed apprehension the influx of Chinese workers in the country could pose as a national security threat.

    “If you ask me, as National Security Adviser, I have the tendency to look at it as a threat,” Esperon said.

    The Philippine military’s deal with Dito Telecommunity, allowing the China-backed telco to build cell sites in its camps and bases, also raises the risk of China mining Filipinos’ data, according to independent experts.  A military risk analysis of its co-location deal with Dito found that electronic and radio frequency eavesdropping, interception and jamming are among “highly likely” risks.

    The Philippines’ power grid is also said to be under the full control of the Chinese government and could be shut off in time of conflict. This is according to an internal report prepared for lawmakers and seen by CNN.

    China’s State Grid Corporation has a 40% stake in the National Grid Corporation of the Philippines, a private consortium that has operated the country’s power lines since 2009.

    Concerns over potential Chinese interference in the Philippine energy system have persisted since the arrangement was first agreed to a decade ago.

    Lawmakers have already called for an urgent review of Chinese influence on and involvement in Philippine gaming, as well as in its telecommunications and power sectors.