News

China’s hackers have been reading the EU’s secrets for years

hacking

Chinese hackers have enjoyed access to the secure communications network of the European Union for several years, according to a New York Times report published Wednesday.

The hack, which reportedly swept up mountains of diplomatic cables, is another indication of the scale of Beijing’s increasingly apparent cyber espionage campaign.

Videos by VICE

The report is based on more than 1,100 cables obtained by cybersecurity firm Area 1, who first spotted the breach.

Some of the cables shared with the Times relate to Donald Trump and his relationship with Russia — including his meeting in Helsinki with President Vladimir Putin. One EU official described that meeting as “successful (at least for Putin).”

READ: White House points finger at China for huge hack of Marriott customers

However, most of the cables consist of low-level classified documents detailing the often mundane communications between EU officials. The content does not appear to be of similar sensitivity to the U.S. diplomatic cables published by WikiLeaks in 2010 or the Democratic National Committee emails published in 2016.

Of greater concern to the EU and the west is China’s demonstrable ability to infiltrate secure networks yet remain hidden.

According to Area 1, the hackers were able to penetrate the system without the need for sophisticated tools or techniques, relying instead on human error.

A Cypriot official clicked on a phishing email, which was enough to let the hackers gain access to the entire network, the company said.

“After over a decade of experience countering Chinese cyberoperations and extensive technical analysis, there is no doubt this campaign is connected to the Chinese government,” Blake Darche, one of Area 1’s experts, told the Times.

The company added that the networks of the UN, the American Federation of Labor and Congress of Industrial Organizations (AFL-CIO), and ministries of foreign affairs and finance worldwide had also been compromised.

“The core targets mentioned in the report so far, communications from the EU and the United Nations, are a high priority for many attackers and this is unlikely to be the last time they are compromised,” Chris Doman, security researcher for AlienVault, told VICE News

The EU hack is the latest evidence that the People’s Liberation Army has been conducting widespread cyber espionage campaigns targeting governments, businesses, and individuals around the globe.

Just last week the U.S. government publicly blamed China for the recent breach of the Marriott reservation system, which saw 500 million customer records compromised, including credit card information and passport details.

The Department of Justice is expected to announce indictments against several Chinese government hackers later this week.

Beijing has been conducting cyber espionage campaigns for years, including the theft of huge amounts of valuable intellectual property, which has been used to help the country’s indigenous businesses, as well as aid its military develop advanced weaponry.

A landmark agreement signed by Chinese President Xi Jinping and then U.S. President Barack Obama in 2015 was meant to signal an end to such operations — but in the last 12 months, officials have seen an increase in cyberattacks.

The EU has said that its most classified documents — designated “tres secret” — are held on a separate more secure system that is currently being upgraded.

However, human error can always render even the most sophisticated systems redundant.

“International institutions are often only as strong as their weakest members,” Doman said. “It’s hard to get the balance right between a communication system that enough people can access to be useful and is secure enough. As mentioned in the report there are multiple levels of communication systems used at an institution like the EU with increasing security and decreasing accessibility.”

Last week it was revealed that Albania was posting sensitive intelligence information online, opening up the opportunity for hackers to infiltrate NATO’s network.

Cover image: Hands typing on a computer keyboard on February 06, 2018 in Berlin, Germany. (Thomas Trutschel/Photothek via Getty Images)