China sponsoring cyber efforts to steal IP, GCSB says

The Government Communications Security Bureau says Chinese authorities have been linked to a global hacking campaign to steal commercial intellectual property that reached into New Zealand.

The unusual naming and shaming of the state-sponsored attack is part of a wider effort by the intelligence agency to ratchet up pressure on nations to protect New Zealand's national interest. It coincided with US and UK authorities accusing two Chinese nationals of large-scale hacking that stole personal and proprietary information from more than 45 organisations around the world. The pair were indicted by a New York grand jury which was unsealed overnight.

"This long-running campaign targeted the intellectual property and commercial data of a number of global managed service providers, some operating in New Zealand," GCSB director-general Andrew Hampton said in a statement. "New Zealand is committed to upholding the rules-based international order, and today joins like-minded partners in expressing that such cyber campaigns are unacceptable."

Reuters reported global IT giants Hewlett Packard and IBM were among the firms targeted.

The GCSB became aware of the campaign in early 2017, issuing advice on the National Cyber Security Centre website and engaging with local subsidiaries of managed service providers. Today it said it established links between the campaign and the Chinese Ministry of State Security.

Hampton said the activity goes against a 2016 commitment by all Asia Pacific Economic Cooperation nations, including China, not to conduct or support cyber attacks to help IP theft for commercial gain.

"The GCSB has worked through a robust attribution process in relation to this campaign," he said. "New Zealand attributes cyber incidents where it is in the national interest to do so. Our approach today is consistent with GCSB’s previous attributions of cyber activity."

The 'naming-and-shaming' comes at a period of heightened tensions between China and the US, with a series of tit-for-tat trade tariffs imposed by the respective nations that threaten to slow global growth. A major complaint by the US has been China's theft of intellectual property.

Presidents Donald Trump and Xi Jinping attempted to thaw those relations last month when they agreed to find some common ground on trade tariffs, but tensions reignited after the arrest of Huawei Technologies chief financial officer Meng Wanzhou in Canada, at the behest of the US, to face charges of fraud and breaching sanctions on Iran.

Huawei was named a threat to US security in a US Congress intelligence report in 2012 and faced numerous obstacles in entering that market. It had greater luck in New Zealand, where founder Ren Zhengfei visited in 2013, giving his first press conference and meeting with local politicians of all political stripes to allay their concerns.

The Chinese company is the world's second-biggest smartphone maker, and its technology has been widely used by New Zealand carriers. That will likely change when it comes to building a 5G mobile network, after the GCSB this year turned down an application by Spark New Zealand to use Huawei.

The GCSB also released its cyber threat report for 2017/18, which showed the National Cyber Security Centre recorded 347 incidents in the year, down from 396 a year earlier. However, of that, 39 percent were linked to state sponsors compared to 33 percent in 2016/17.

"Some state-sponsored cyber actors have taken to more covert and discriminate operations, while others have overtly targeted non-traditional targets, such as media outlets or politicians," the report said.

A case study in the report described how the GCSB unit helped a foreign national who sought asylum in New Zealand. The pro-democracy campaigner had their personal computer infected with malware associated with a state-sponsored group to monitor the person.

"In this instance, the NCSC attributed the compromise to a foreign intelligence service," the report said. "The NCSC worked with the individual to remediate the infection and provide security advice to reduce the risk of further compromises."

New Zealand is a member of the 'Five Eyes' security alliance with the US, UK, Australia and Canada. Under Foreign Minister Winston Peters, it's sought closer links with its traditional allies after a decade of growing economic reliance on China, making policymakers walk a tightrope of balancing trade interests against its defence and security allegiances.

© Scoop Media