The recent Bitcoin ransomware attacks on US companies could have been perpetrated by Chinese hackers, four IT security companies that investigated the cyber crimes said today.
While the investigators declined to provide any technical details, they backed their claims with a couple of “conspiracy” theories. The first and foremost theory, put forward by Dell SecureWorks security official Phil Burdette, claims the attacks were highly sophisticated. He told a Chinese daily that the hackers are using some really high-level techniques to move in and out of a targeted network, something which he believes is “state-sponsored”.
But the reason behind the involvement of Chinese hackers in these Bitcoin ransomware schemes is a little political, hinted Attack Research Chief Executive Val Smith. He weighed in on the possibility that certain Chinese policies have pushed hackers over the cliff. One in particular is the government’s decision last year to reduce support for “economic espionage”, which reportedly led hackers to find other sources of income.
Burdette also believed that these Bitcoin ransomware attacks could have originated from the inside. It is possible that the companies involved in trade secret exchange were simply abandoned by their Chinese associates on their way out. Burdette cited a case back in 2013, where the hackers were found to be using a similar technique while stealing.
Jimmy Alderson, the CEO of InGuardians, meanwhile stressed the use of an Advanced Persistent Threat, or APT, in the recent attacks. His company’s investigations found a case where the hacker had stolen the victim’s details six months before the actual attack. But in the case of the recent Bitcoin ransomware attacks, the hackers acted instantly rather than waiting for days and months to make their final move.
One cannot rule out the rise of dark markets on the internet that openly sell sophisticated hacking tools, private bank details and a dozen other similar kinds of information to ordinary hackers. The possibility that even an 11-year-old can buy and learn these techniques is alarming to its core, and companies will need a better program to safeguard themselves against such malicious elements.
Source: SCMP