My Authors
Read all threads
The indictment of two Chinese nationals who carried out intrusions for the MSS is full of interesting insights on the state of Chinese cyber espionage. 1/x justice.gov/opa/press-rele…
First off, consider the efficiency of this capability. Two guys responsible for stealing hundreds of millions in intellectual property. And better yet, they're contractors, so limited overhead for the PRC! 2/x
Not the first time we've seen an extortion scheme from contractor types. APT41 has done something similar when seeking to monetize their access. Being allowed to carry out crime while under the protection of the state is just one of the benefits of this type of relationship. 3/x
A lot of typical espionage work here. DIB targeting. Targeting of dissidents (Hong Kong democracy activists and Chinese Christians). 4/x
Some very interesting additional targeting. Pharma and biotech targeting began before COVID-19. This is one of the areas we've seen targeting in as well and there have also been several incidents outside of the cyber arena. 5/x
The biotech targeting by this actor is also interesting in that it is not obviously Xi-agreement compliant like so much of this activity. 6/x
Also interesting to see the targeting of PII. Could certainly be a criminal operation, but given all the PII-related incidents we've seen by other Chinese state actors, it's worth wondering how this data will get used. 7/x
Also interesting to see gaming involved. APT41, a very similar operation targeted this area heavily. I am curious if this sector is a focus of this actor's side business, rather than the work they are doing for the MSS. 8/x
Also interesting in details about the relationship between MSS and the contractors. A suggestion that they were acting proactively in some cases by targeting dissidents without tasking. Also, the indictment indicates they were given an 0-day by their MSS contact. 9/x
Missing some Tweet in this thread? You can try to force a refresh.

Keep Current with John Hultquist

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!