A few call outs from this morning’s blitz on Chinese cyber espionage. 1.We’ve known China’s Ministry of State Security contracts out some of its sensitive operations to a satellite network of hackers, now USG is calling them out by name (Yes!) and detailing the connections. 
https://twitter.com/JohnHultquist/status/1417095323042910208
2. It’s not just front companies, USG is accusing Chinese universities of playing a critical role in MSS’ recruitment. We’ve reported on these connections before, but China is particularly sensitive about coverage that outs its universities.
3. My personal favorite! USG addresses zero day hoarding in its comments, noting that in this case, the NSA turned over additional Exchange zero days to Microsoft. I would like to buy the bureaucrat who inserted this phrase a beer: “Rather than withholding them...”
4. Expect more of this: MSS has been leading PRC’s most sensitive cyber espionage ops since 2009, but the exact connections between the agency and its contractors were not always clear. Now USG (and allies) are spelling them out in detail and calling out their extracurriculars.
5. Here’s the context on USG’s difficulty attributing MSS directed hacking from my book thisishowtheytellmetheworldends.com
• • •
Missing some Tweet in this thread? You can try to
force a refresh
