Summary

Article Metadata

Chinese Spies Compromise Aerospace Firm

This is a People's Republic of China news story, published by The Register, that relates primarily to IBM news.

People's Republic of China news

For more People's Republic of China news, you can click here:

more People's Republic of China news

News about Us federal policies

For more Us federal policies news, you can click here:

more Us federal policies news

The Register news

For more news from The Register, you can click here:

more news from The Register

About the Otherweb

Otherweb, Inc is a public benefit corporation, dedicated to improving the quality of news people consume. We are non-partisan, junk-free, and ad-free. We use artificial intelligence (AI) to remove junk from your news feed, and allow you to select the best politics news, business news, entertainment news, and much more. If you like this article about Us federal policies, you might also like this article about

Chinese spies

. We are dedicated to bringing you the highest-quality news, junk-free and ad-free, about your favorite topics. Please come every day to read the latest cyber snoops news, cybersecurity news, news about Us federal policies, and other high-quality news about any topic that interests you. We are working hard to create the best news aggregator on the web, and to put you in control of your news feed - whether you choose to read the latest news through our website, our news app, or our daily newsletter - all free!

Chinese intruders

The Register

•

Chinese spies spent 4 months in aerospace firm’s server

Summary

Nutrition label

76% Informative

Chinese spies spent months inside aerospace engineering firm's network via legacy IT.

Intruder gained initial entry using default administrator credentials on an IBM AIX server.

Chinese intruders uploaded a web shell and established persistent access, thus giving them full, remote access to the IT network.

The intrusion has been attributed to an unnamed People's Republic of China team.

Hacker group targeted engineering firm Binary Defense's network.

They impersonated Windows users and impersonated a valid administrator-level account.

The intruders were discovered by threat detection tools deployed by the firm.

Binary Defense is due to publish a report on Thursday about the cyber-break-in and lessons learned.

VR Score

Informative language

Neutral language

Article tone

semi-formal

Language

English

Language complexity

Offensive language

not offensive

Hate speech

not hateful

Attention-grabbing headline

not detected

Known propaganda techniques

not detected

Time-value

short-lived

External references

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-190a https://whitepapers.theregister.com/https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cso&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZutiWkGdqk20H6r1-Nem5QAAAA0&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0 https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cso&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZutiWkGdqk20H6r1-Nem5QAAAA0&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0 https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cso&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZutiWkGdqk20H6r1-Nem5QAAAA0&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0 https://www.cisa.gov/news-events/alerts/2024/03/19/cisa-and-partners-release-joint-fact-sheet-leaders-prc-sponsored-volt-typhoon-cyber-activity https://attack.mitre.org/techniques/T1003/001/

Source diversity

www.cisa.gov whitepapers.theregister.com pubads.g.doubleclick.net attack.mitre.org

Affiliate links

no affiliate links

Read full article