China hacking surges against US, claims Trump's former cyber security adviser
Tense relationships between the two nations spills into cyber space
China's hacking activity against the US has increased recently, targeting critical infrastructure such as energy, healthcare, finance and transportation with fears that the country is laying the groundwork for future cyber attacks.
That's according to Rob Joyce, former cyber security adviser to the Trump administration and NSA senior intelligence official, who addressed guests at a Wall Street Journal cyber security conference on Tuesday.
Despite repeatedly denying cyber attacks carried out against the US, the focus of Chinese hacking has previously centred around espionage and intellectual property theft, not on critical infrastructure. But recent investigations indicate Chinese intelligence was also behind the Marriott/Starwood hotel data breach affecting up to 500 million people.
"You worry they are prepositioning against critical infrastructure and trying to be able to do the types of disruptive operations that would be the most concern," Joyce said, reported Reuters.
Joyce provided no evidence to back up such claims, at the time of writing, nor did he elaborate on the type of attacks being targeted at the US, though according to a spokeswoman for the NSA, Joyce was referring to cyber attacks against US financial, transportation, healthcare and energy sectors.
It's not clear why China has ramped up US attacks, Joyce didn't elaborate further on the matter, but the trade war between the two countries and the recent arrest of Huawei's CFO (now released) probably haven't helped relations between the two economic juggernauts.
The news coincides with US prosecutors preparing to charge Chinese nationals in connection to a cyber espionage campaign known as "Cloudhopper" after targeting technology providers and their customers, according to Reuters sources.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now