The key is its mysterious online mode of capturing spies, which requires massive e-mails or thousands of requests by LinkedIn.
In 2017, Equifax reported the personal data theft of 145 million Americans from its servers. The data included full name, address, date of birth, social security number and driving license, key data in the United States. A few days ago, the US Department of Justice surprised by accusing four Chinese soldiers of theft . It is not the first time that China steals personal data from millions of Americans.
Equifax is a data broker, it lives on data: it collects information about consumers and businesses that is used to find out its financial reliability. The intruders also took the predictive models that Equifax used to value millions of citizens.
The hacking story is impressive: they employed 34 servers in about 20 countries to hide their steps
The hacking account of the Department of Justice is impressive: they employed 34 servers in about 20 countries to hide their steps. They chopped the files they stole, downloaded and deleted them to leave no trace. They sent about 9,000 requests to Equifax to check what was in their databases. They were clearly professionals.
Equifax, however, made it easy. The company used software called Apache Struts. In March 2017, Apache announced a vulnerability that allowed it to remotely access and manage its systems. Equifax did not cover the hole, according to the Department of Justice. It was as if a team of thieves prepared to steal a valuable picasso arrived at the museum and found the door open with the keys on: every night they returned without being seen to see what else to take, and when they took a picture they hung a copy in its place ; They ended up taking dozens of paintings .
But why does China want so much personal data? Probably for more than one thing, but the clearest is to turn US officials or businessmen into spies for China. The traditional method of converting a double agent was to detect it, and then in person observe it, contact it and convince it. All the steps are delicate and are often made by different agents so as not to burn them all if something goes wrong.
The CIA and other agencies explain the most common reasons for a double agent to betray his country with the acronym MICE: they are the initials in English of "money, ideology, coercion and ego." In private financial data there may be information to know if someone has debts and even if those debts are due to dishonest reasons, which can be coerced.
"One option now is to see if there are people in the database with value for them and work the information," says Carlos Seisdedos, head of cyber intelligence at IsecAuditors. "If there were financial data, they could filter by job to see where they work. Depending on the type of credit information, objectives can be set. It is a way of approaching an objective, to blackmail him or whatever," he adds.
There is another substantial difference in this method: the approach to the objective can be online , it does not need to be real. And, therefore, it can be massive: "We have seen Chinese intelligence services do it on a huge scale," said William Evanina, director of the United States National Center for Counterintelligence and Security , last August to The New York Times . "Instead of sending their spies to the United States to recruit a single target, it is more effective to sit at a computer in China and send thousands of friend requests to targets with false profiles," he added.
"Instead of sending their spies to the United States to recruit a single target, it is more effective to sit at a computer in China."
The more information about these goals, the more likely it will work. In recent years, the Department of Justice has accused three exagents of collaborating with China. In Germany, intelligence services have denounced 10,000 approaches, while in France, 4,000 . All these attempts are not only to officials of the intelligence services. China may have an interest in numerous companies that work in security industries or in other leading areas. The variety is huge.
The professional social network LinkedIn, owned by Microsoft, is the perfect resource for this type of approach. The Chinese cyber espionage unit has 100,000 agents. It is easy to imagine how many resources they have for this type of operations.
Another of the hacks singular that have been attributed to the Chinese military is the Office of Personnel Management of the US government. It is one of the most juicy goals, there are millions of exams to future officials, full of questions about drugs, money, mental illnesses or rare sexual behaviors.
As if that were not enough, this is only one of the resources offered by the theft of millions of personal data. Another is its use to better model artificial intelligence algorithms. China has millions of data about its citizens, but they are all Chinese. To expand the variety, it is useful to search for data with profiles of citizens of other countries.
"The data is very different, it depends on where you collect it. If China can only obtain data from its citizens, the result cannot be extrapolated to the entire population of the planet," says Marga Robles, professor of Public International Law and coordinator of the master's degree in Cybersecurity of the University of Granada. "China is the great power of artificial intelligence. There are algorithms that you can use when selling products to Western citizens," he adds.
In addition to the search for double agents and the use of artificial intelligence, there may be a third reason to carry out an operation of this caliber: "They have databases that can profile social media information. They are data that can be used to extort money, but also to elaborate social profiles for disinformation campaigns, "explains Ángel Gómez de Ágreda, author of the Mundo Orwell book and head of the security and defense area of the Odyssey platform. Visit our main blog for more content.
These uses have to do with the geopolitical interests of a State. But that type of information is even more valuable in the hands of cybercrime: "Once you have data, it is one more merchandise. Just as the Chinese can buy the planes of a fighter from the Russians, they can also sell the information of the Americans," Gómez de Ágreda adds.
COMMENTS