Home Blog Terms & Conditions Privacy Policy

Adstoppi Blog | China spent years collecting Americans' personal information

Published by:

When Attorney General William Barr announced Monday that the U.S. had charged four Chinese military hackers in the giant Equifax hack of 2017, he also confirmed something that cybersecurity experts had long suspected: China was also behind the hack of information on some 500 million Marriott hotel guests in 2018.

Barr also mentioned the 2015 hack of the Office of Personnel Management, another major breach that included sensitive information from about 21.5 million Americans who had done work for the federal government.

In doing so, Barr publicly confirmed that China has been collecting troves of personal data on U.S. citizens for years.

Beginning around 2014, a host of American organizations that store personal identifying information were hacked, with either the government or major private cybersecurity firms attributing China's Ministry of State Security as the culprit each time. Personal identifying information, or PII, includes names, addresses, birthdays and Social Security numbers.

Cybersecurity experts point to two likely reasons for suspecting China. First, the country's ability to process large amounts of data at scale makes megabreaches a tempting target. Second, it can be used for more traditional espionage, such as identifying people who could become intelligence assets.

China is already the most advanced domestic surveillance state in the world, keeping detailed, real-time records of citizens' location through facial recognition and keenly monitoring social credit scores by mining data and sifting through it with the aid of artificial intelligence.

"For a nation-state, if you're trying to seed a large analytic engine, more data is always better," said Michael Daniel, the White House cybersecurity coordinator under President Barack Obama.

"You want to be able to use big-data analytics, and use machine learning and those kinds of new analytic capabilities that have been emerging over the last decade or so. That only becomes viable if you in fact have large amounts of data," said Daniel, who is president of the Cyber Threat Alliance, an industry trade group.

The U.S. regularly accuses China of stealing corporate trade secrets and giving them to state-affiliated companies for a leg-up in business, which goes against U.S. policy. It's harder for the U.S. to make public accusations of hacking to gather intelligence on foreign targets since the U.S. doesn't deny it does the same.

The 2015 breach of the Office of Personnel Management, which functions roughly as the human resources department of the U.S. government, was the most significant Chinese effort to steal American PII. In addition to the basic PII on the 21.5 million Americans who had worked for the government, China's Ministry of State Security also acquired a trove of background checks on employees interviewed for sensitive work.

But cybersecurity researchers, who track advanced hacker groups by their tactics, infrastructure and targets, have long tied the hackers behind OPM to other megabreaches, like the hack of 80 million customers from Anthem insurance, reported in 2015.

The Marriott hack, which began as early as 2014 and went unnoticed until 2018, was widely believed to bear China's fingerprints, but that wasn't formally confirmed by a federal official before Barr's comment on Monday.

Having a working database of Americans' identifying information is also immediately useful for conventional espionage, said Priscilla Moriuchi, principal analyst at the cybersecurity firm Recorded Future and former East Asian cyberthreats expert at the National Security Agency.

With such a database, one could build "a profile of a person that you're either attempting to recruit or have recruited, or a profile of someone who may be susceptible to recruitment," Moriuchi said, or to verify intelligence gathered through other sources.

The Equifax charges notably, against officers in the People's Liberation Army, rather than the Ministry of State focus mainly on computer intrusion to commit economic espionage, similar to how the Justice Department has charged China previously with trying to steal high-tech trade secrets; it's unclear how China would leverage a credit reporting agency information.

Source: https://www.nbcnews.com/tech/security/china-spent-years-collecting-americans-personal-information-u-s-just-n1134411

Recent Post

Nintendo may be releasing a cheaper version of the Switch this June, according to a report from Bloomberg, which corroborates earlier rumors that Nintendo is working on a budget model of its popular portable console. It's still not clear what changes Nintendo would make to yield a cheaper Switch, although some have speculated that the new console could feature a smaller display or remove the dock capability for a cheaper and more mobile-focused device. While Nintendo has yet to release its official numbers for the last fiscal year, according to Bloomberg, analysts estimate that Nintendo shipped 17.5 million Switch consoles. That number would beat out Nintendo’s revised estimate of 17 million units, but it would still fall short of the original (and highly ambitious) 20 million console...

Uber CEO Dara Khosrowshahi has announced that chief operating officer Barney Harford and chief marketing officer Rebecca Messina are both departing the company. In a Friday email to employees, Khosrowshahi said, “over the years, I’ve learned that at every critical milestone, it’s important to step back and think about how best to organize for the future. Given that we’re a month past the IPO, now is one of those times.” The executives are stepping down almost a month after Uber went public in the biggest tech IPO in years. The actual IPO was viewed by many as a disappointment, but Uber has been trading above its stock price as of this week. Harford was named COO in December 2017, with Uber receiving criticism for the choice after it was initially believed Uber’s board was...

Huawei is developing a “mapping service,” according to a report by state-run news outlet China Daily, seemingly designed to challenge Google Maps — but not the way you might expect. The service is apparently intended for software developers, meaning apps that offer navigation or ride-hailing services could use Huawei’s planned mapping technology instead of building their own. A Huawei exec told China Daily that the mapping service, called Map Kit, will offer developers a street navigation system they can use in their apps as well as a way to show users real-time traffic conditions. The exec also said that Map Kit will support “augmented-reality mapping.” It’s unclear what that means. Perhaps it’s something similar to Google’s recently launched AR walking directions. The...

The worlds most versatile waterproof backpack

Published by:

The Siletz Modular Carry System from Tillak is pitched on Kickstarter as “the world’s most versatile waterproof backpack.” It’s a bag designed for anyone who needs to take their computing or camera gear into parts unknown, be it a backcountry Alpine slope, a flat water lagoon, or an unexpected L train detour on the daily office commute. The Siletz system starts with a waterproof 35-liter rolltop backpack. From there, you can add the Laptop Sleeve, the Travel/Photo Insert, and a Night Bag to create the Work & Travel system. The Outdoor System is compromised of a Gear Pouch, Shoulder Pouch, Cooler Insert, and 25-liter Wet/Dry Insert. The complete system with all the accessories is priced at an eye-watering $395 for Kickstarter backers, while the core kit containing just the backpack...

Drop Shipping Business

Published by:

Overnight delivery, also called expedited delivery, is a dispatch service which guarantees delivery of a parcel to a destination location. Occasionally this might involve a combination of transportation, like ground and air. This service is typically a little bit more than normal email delivery so many individuals use it to send urgent packages. Now, most of these pressing packages are classified under lightweight or heavyweight and based upon the nature of the dispatch, will be sent via air or freight. Overnight air could also be delivered globally, but most email carrier agencies just guarantee following day delivery in the continental US. Overnight Shipping and Time Sensitivity There are various reasons why a bundle may need in be delivered the very next day. A hospital or surgeon may...

Google is launching a new feature for Android phones today through its Play Store app marketplace that will let anyone donate to a number of US nonprofits, with 100 percent of the donation going to the chosen organization. Google is waiving its traditional 30 percent fee for apps and in-app purchases as part of the program, which the company is calling Giving Season on Play. Some of the nonprofits include the American Red Cross, Doctors Without Borders USA, Girls Who Code, and UNICEF. The full list of charities can be found here. This is a notable change in policy for Google, which has avoided letting app developers process donations to nonprofits in the past, for reasons likely related to the thorny regulatory and tax issues on collecting its 30 percent fee from charitable gifts. (Most...

Advertising Business

Published by:

Anyone with a home office and a minimum quantity of customer support experience can get hired. Finding a legitimate work from your house customer support job, or any valid telecommuting job for that matter, can seem as a job in itself. Do you know these jobs concealing? With regards to work at home positions, most on-line occupation boards are jam packed with deceptive job offers, business opportunities, etc. The most common bait and switch trick you may notice is companies posting ads for what seems like a valid job offer which really turns out for a Company opportunity in disguise that will often end up costing you everywhere from $50 to $500 should you decide to join. I only wish to clarify that there is a vast difference between a job at home business opportunities and a work from...

Adobe, Twitter, and The New York Times Company have announced a new system for adding attribution to photos and other content. A tool will record who created a piece of content and whether it's been modified by someone else, then let other people and platforms check that data. Adobe showed off a prototype in Photoshop today, but many of the details are still in flux, and there’s no release date. The overall project is called the Content Authenticity Initiative, and its participants will hold a summit on the system in the next few months. Based on what Adobe has announced, the attribution tool is a piece of metadata that can be attached to a file. Adobe does't describe precisely how it will keep the tag secure or prevent someone from copying the content in a way that strips it out. Adobe...

Twitter suspended an account that peddled conspiracy-laden content on Tuesday after President Donald Trump retweeted it earlier in the day, according to The Daily Beast. The account, which operated under the display name “LYNN THOMAS,” was reportedly suspended for breaking Twitter’s rules against “using multiple accounts to artificially amplify or disrupt conversations.” It’s the second account that the president has retweeted that Twitter has suspended for violating its rules. The tweet Trump retweeted said, in all caps, “DEMOCRATS ARE THE ONLY ONES INTERFERING IN OUR ELECTIONS. WHY DO YOU THINK THEY SO STRONGLY OPPOSE VOTER ID?” It also included a brightly-colored image that said, “Democrats are the true enemies of America!” According to The Daily Beast, the account...

Facebook gets into the meme-making biz with experimental Whale app Last week, Facebook quietly released a new meme-making app called Whale, The Information reports. The app is currently only available on the Canadian App Store, where its listing says it can be used to edit your own photos or images from a library of stock photos. You can then share your creations on social media platforms such as Instagram and Messenger. The app's listing confirms that it's been developed by Facebook's New Product Experimentation (NPE) team, which was set up earlier this year to develop new experimental apps for the social media giant. At the time, Facebook said it was using the separate brand name to set the expectation that its apps could change rapidly, or even shut down if the company finds that...

Login Join Now