CIA’s 11-year-old hacking campaign against China exposed

APT-C-39 is a hacking group that discreetly works for the CIA, according to research from the well-known Chinese cyber-security firm Qihoo 360.

Cyber warfare between the United States and China is nothing new, and usually the latter gets all the blame. In this case, however, the CIA (Central Intelligence Agency) is being held responsible for hacking critical infrastructure in the People’s Republic.

According to Qihoo 360’s research, APT-C-39 has been launching cyberattacks against China for the past eleven years. The attacks started in September 2008 and lasted until June 2019.

Throughout this time, a wide range of sectors and industries in China have been targeted including petroleum, aviation, internet, R&D, and government institutions. It is worth noting that a majority of the targets were located in Beijing, Zhejiang, and Guangdong.

As per the researchers, Joshua Adam Schulte, a former employee of the CIA, was the mastermind behind the design, development, and production of the “cyber weapons,” mainly those included in the Vault 7 leaks of the U.S. National Security Agency (NSA) and the CIA.

Schulte was serving as the Directorate of Science and Technology (DS&T) Intelligence Officer at the CIA’s National Clandestine Service (NCS) at the time when Chinese organizations were being targeted.

Researchers further assessed that in all these years, the infiltrators might have gathered classified business information not only about China but many other countries around the world.

Moreover, the researchers noted that while targeting aviation and scientific research institutions, the CIA attacked system developers involved in information technology projects for civil aviation, such as freight or flight control system information, distribution or settlement services, and passenger information systems.

“We speculate that in the past eleven years of infiltration attacks, the CIA may have already grasped the most classified business information of China, even of many other countries in the world. It does not even rule out the possibility that now the CIA is able to track down the real-time global flight status, passenger information, trade freight, and other related information,” revealed Qihoo 360 researchers in their blog post.

The researchers further questioned the threat the CIA now poses after getting its hands on such critical and sensitive information: “If the guess is true, what unexpected things will the CIA do if it has such confidential and important information? Get important figures’ travel itinerary, and then pose political threats, or military suppression?”

Using this information, the CIA can perform “unexpected things,” given its nature and sensitivity level, as it may include the travel itineraries of important personalities and prominent political figures.
