MID’s “Seventh Bureau” and You.

with one comment

Two examples of Chinese firms buying U.S. companies are China National Aero-Technology Import & Export Corp. (CATIC) and Huawei. In the first case, CATIC bought the American defense technology firm Mamco Manufacturing, a Seattle-based aircraft parts manufacturer, in 1990. CATIC has a direct connection to the PLA and probably wanted to use the Seattle firm to acquire aerospace technology. The U.S. investigation also found that Mamco technology itself was already under export limitations. Huawei has attempted to buy many foreign firms outright, includingU.S.-based 3com.

Huawei established a joint venture with the U.S. anti-virus software company Symantec in 2008, headquartered in Chengdu, China. At this point it only offers software in China, but STRATFOR sources say that if Huawei were to be used for Chinese intelligence, it could easily insert spyware into computer systems subscribing to the service.

In Hong Kong, agents are recruited by the MSS’ Third Bureau, which handles Chinese intelligence operations in Taiwan, Hong Kong and Macao. One of their major tasks is purchasing targeted technologies through front companies. These businesses are usually not run by intelligence officers themselves but by people who have connections, sometimes overt, to the MSS.

One recent case involved the 88 Queensway Group, named for the address of an office building in central Hong Kong that houses many state-owned Chinese companies, along with the China Investment Corporation, the country’s sovereign wealth fund. A U.S. Congressional report claimed a possible link between the building and “China’s intelligence apparatus.”

“If” Huawei were to be used for Chinese intelligence? I would probably just say “when” but, I guess one can’t be sure unless there are some serious code checks going on in the US. Anyone you know actually done a security code review of Symantec lately?

The above text comes from a recent STRATFOR bulletin on Chinese espionage tactics and organizational structure. A rather enlightening piece really for anyone interested in how the Chinese juggernaut of espionage works. Of course when you think about it, their paradigm is much different than ours of any of the other intelligence agencies in other countries just from their “Human Wave” aegis.

What I really hope here is that more corporate types are actually able to get this content from Stratfor and get enlightened on how things work. As the report states, and many of us in the security business have known, is that the Chinese are VERY focused on industrial espionage. They also carry out this espionage in rather interesting ways.

Another fascintating factoid was the following passage:

In the past, a major criticism of China’s intelligence operations was the time it took to clone a weapons system — gather the information, reverse-engineer the system and put the pieces back together. By the time something was copied from an adversary’s arsenal, the adversary had already advanced another step ahead. That does not seem to be such a problem today, especially in those areas involving asymmetrical technologies such as anti-ship ballistic missiles, which China is developing on its own.

I believe that this paragraph infers a lot on the revelations about Operation “AURORA” and others like it of late. You see, traditional espionage takes more time to develop assets and get the data. With the new techniques of Advanced Persistent Threat technology, they can harvest the data at the speed of PWN. So, it’s in their best interest for getting the data and reverse R&D to just steal  it through hard to detect channels.

THIS is something that the mainstream media nor the “in the know” guys are not getting across to the masses. It is only natural that their paradigm would change and thus the “attacks” would ramp up.. Well, at least that we would finally catch on to the fact that they are doing this. We have been asleep at the digital security wheel far too long.

So, there you have it. Take a look at the report and read for yourselves.

“Know your enemy, Know yourself, Win the battle”

CoB

Written by Krypt3ia

2010/03/26 at 13:50

Posted in .gov, Advanced Persistent Threat, APT, China, Chinese Overlords, CyberWar, Espionage, Geopolitics, Hacking, HUMINT, Industrial Espionage, Infosec, Infowar, INTEL, MSS MID Seventh Bureau, Ni Hao Chairman Meow!, OSINT, Our Chinese Overlords, PLA, The Art of War