Hackers backed by China’s People’s Liberation Army intercepted thousands of diplomatic communications of top European Union nations for several years without being detected, the New York Times has learned.
According to documents shared by security firm Area 1 with The New York Times, Chinese hackers gained access to a secure network which served as a platform for communications between member states of the European Union and then posted the stolen communications on an open Internet website.
China snooped on EU communications for years
Based on an analysis of the intercepted communications, NYT revealed that the hackers showed great interest in the interactions between European nations on sensitive issues such as Iran’s secret nuclear programme, Russia’s plans on deploying nuclear warheads in recently-annexed Crimea, the situation in North Korea, the relationship between Donald Trump and Vladimir Putin, and negotiations over the Trans-Pacific Partnership that excluded Beijing.
According to NYT, hackers backed by China’s PLA also hacked into secure networks owned by the United Nations, the American Federation of Labor and Congress of Industrial Organizations (AFL-CIO), and “ministries of foreign affairs and finance worldwide” to gain better understanding of global affairs and internal discussions between European and U.S. leaders.
If the observations of Area 1 are true, it would mean that China has succeeded in snooping on internal discussions between European leaders of sensitive issues that may impact the global economy and security in the coming years. The fact that the hacking lasted several years without being detected also indicates that the EU’s cyber defences have decisively failed to prevent state-sponsored hacking operations.
Cyber espionage operations targeting U.S. and Australian firms
The news comes not long after it was revealed that China’s Ministry of State Security sponsored the cyber attack on Marriott’s Starwood reservation system that compromised personal and financial information of up to 500 million people who made bookings at Marriott International’s Starwood hotels.
According to sources contacted by The New York Times, China’s Ministry of State Security has been sponsoring such massive cyber attacks as part of an information gathering exercise to build an extensive database of U.S. government officials and executives with security clearances.
Aside from obtaining sensitive information about U.S. citizens, it is also believed that China’s premier security agency is also sponsoring cyber operations to steal precious intellectual property owned by U.S. firms. The Chinese government is also reportedly forcing U.S. firms that intend to enter the Chinese market to hand over valuable technology to state agencies.
In November, a report from Australian broadcaster Channel Nine and Fairfax media also revealed that China’s top security agency was behind a large number of cyber-attacks that targeted Australian businesses and institutions this year.
They noted that cyber-attacks were being carried out in order to steal intellectual property belonging to Australian firms and institutions and were part of a much larger campaign dubbed “Operation Cloud Hopper” which is run with the blessings of China’s Ministry of State Security.
The report cited senior unnamed Australian officials who said that cyber-attacks emanating from China were “a constant, significant effort to steal our intellectual property” and that the involvement of Chinese hackers was confirmed by the Five Eyes Alliance, an intelligence gathering network composed of cyber security experts from the United States, Britain, Australia, Canada, and New Zealand.