Hackers in China Target UK Think Tanks

A US cyber-security company has claimed that Chinese hackers breached UK Think Tanks last year.

The US cybersecurity company, Crowdstrike has told the BBC that it saw a repeated number of Think Tanks, specialising in international security and defence issues targeted by the hackers at the start of April 2017. However, it is suggested that not all the hackings were successful.

Experts have often warned that Chinese hackers were likely to target Western markets, especially those in the defence industry and it seems that their worst fears may have come true.

The BBC say they have contacted many of the Think Tanks, however, the organisations have declined to comment on the matter. Crowdstrike claim that they have been called to respond to the attacks. They say that across the world in summer 2017, law firms, universities and technology companies were targeted, but in the UK the focus was on Think Tanks. They also claim that in 2017 Chinese cyber activity increased worldwide.

When speaking with the BBC, Dmitir Alperovitch, Crowdstrike’s co-founder and chief technology officer, told them that he believed those behind the attacks were trying to steal reports and information about connections to government.

“They believe that they may have access to information which is not public.”

It seems that the Chinese hackers are very persistent and even after being kicked out of the system, tried to regain access. In October 2017, Crowdstrike noticed a change in tactics, as a Chinese group installed a piece of malware onto the network of a Think Tank.

One day later, the same malware was installed on a different Think Tank.

Crowdstrike described the attempts to target think tanks and reusing these different tools as “pervasive and brash”. We would have to agree. The fact that these hackers tried to regain control over the systems only suggests confidence and displays the need for organisations to be able to take control of their systems quickly and easily.