A leading security security company found evidence that Chinese intelligence operations urged the National Security Agency to hacking technology in 2016 to attack US allies and private firms in Europe and Asia, according to the New York Times.
Researchers with Symantec believe the Chinese government conquered the code from an NSA attack on its own systems rather than stealing it, according to the article. The hacking group that repurposed the tools has committed several attacks on US targets, including space, satellite and nuclear propulsion technology manufacturers, according to the Times, referring to a classified agency note.
Some of the same tools were also dumped online by an unidentified group calling themselves Shadow Brokers, later used by North Korean and Russian intelligence, according to the Times, although there is no obvious connection between the Chinese acquisition and Shadow Brokers & # 39 ;Activity.
While Symantec is not sure how the Chinese got the code, Chinese intelligence contractors have used the tools to conduct online crime in Belgium, Hong Kong, Luxembourg, the Philippines and Vietnam, according to the Times, with goals ranging from schools and scientific research to the government to an American ally. In one case, an operation against a telecommunications network may have resulted in as many as millions of private communications, according to Symantec.
Symantec's research does not explicitly identify the Chinese government, instead referring to the "Buckeye Group", the company's term for a team of hackers identified by both the Justice Department and private firms as contractor for China's State Department, according to the report. The Ministry of Justice accused three hackers of the group in 201
"This is the first time we have seen a case – which people have long referred to in theory – by a group that restores unknown vulnerabilities and exploits used against them, and then uses these exploits to attack others, "Eric Chien, a security director at Symantec, told the Times.