Cyberwar Flashback Part II: China and Huawei Behind Hacks of Apple, Google, and India
by Jim Lundy
A pattern has clearly emerged in the cyberwars of the last 20 years that involve the country of China and one of its growing telecom firms, Huawei. In part I of our cyberwar blog on this topic, we looked at the great hacks of Nortel, which is now defunct, and Cisco. Those hacks are barely remembered because they happened so long ago.
In this blog, we’ll examine other significant hacks over the last ten years. These include the recent hack of Apple and the older hacks of Google, the country of India, and Motorola.
Chinese Nationals Hack Apple’s Autonomous Car Project
In 2018 and 2019, two Chinese nationals were caught with loads of photos about Apple’s autonomous car project. Xiaolang Zhang was arrested in 2018 after he tried to flee the country with Apple trade secrets and is now facing trial in Federal Court.
In January 2019, another Chinese national, Jizhong Chen, was also caught trying to flee the country with sensitive Apple trade secrets on the Autonomous Car project. In his possession they also found classified plans for the U.S. Patriot Missile. Chen was arrested one day before he was due to fly to China.
In both cases, this raises questions about Apple’s hiring practices and its security regarding those practices. Apple caught both of these individuals, but the question is: did they miss others?
China Hacks Google
In 2010, I wrote about the hack of Google by the Elderwood Group based in China (see below). These hackers used Advanced Persistent Threat (APT) techniques to gain access to Google’s system which had all the information about Google employees. Google’s statement at the time was: “a highly sophisticated and targeted attack on our corporate infrastructure originating from China [that] resulted in the theft of intellectual property from Google.”
The attack was carried out by the Elderwood Group, which has ties to the People’s Liberation Army of China. Since being hacked in 2010, Google has pulled out of China and made security one of its top initiatives. All Google employees are now required to use a security tool called the Google Titan Security Key, which has prevented almost all cyber attacks on individuals from being carried out. Note: we recommended security keys as one of our Twelve Tech Gifts of Xmas for 2019.
India Hacked by Huawei and China (APT30)
In both 2009 and again in 2014, Huawei was accused of hacking a state-owned telecom firm Bharat Sanchar Nigam Ltd., also known as BSNL. Nothing really came of this—other than complaints by the Indian Government. However, now Huawei is promising that if it is allowed to do business in India, it will have a “no backdoor” policy, which seems to confirm that it did hack before.
However, what Huawei did pales in comparison to the role of the group called APT30 and the siege of India and other countries in Southeast Asia (including Malaysia, South Korea, Vietnam, Saudi Arabia, and Thailand) and North America (the U.S.). APT30 has been active for more than 14 years, and it targets devices running the Microsoft Windows operating system. FireEye has profiled APT30 in an extensive report, as has Azeria Labs.
China Continues to Hack Motorola
Motorola was hacked by a Chinese national in 2009 and at the time it was a famous case. However, a bigger case is now going on involving Hytera Communications, which is accused of stealing over 7,000 pages of information and copying Motorola digital radio products. Motorola didn’t discover the theft until 2016.
The case is being heard in Chicago and is currently ongoing. Since filing that case, Hytera has filed a lawsuit against Motorola, a counter-attack strategy that Samsung has used against Apple (which claimed that Samsung copied the Apple iPhone).
The Bottom Line: Cyberwar Is Real, so Be On Guard
Enterprises cannot underestimate the lengths to which third parties, including governments, will go to steal your information, your IP, and in some cases, your money. Enterprises should understand that doing business in some parts of Asia needs to be balanced with the understanding of the potential of IP theft. One thing is clear: cyberwar is real and you and your enterprise need to act accordingly.