Chinese hackers have been harassing the US in a seriesof cyberattacks, but we’ve started trying to talk it out and cool this all down. But in the meantime, a security researcher has just revealed that he caught a team of Chinese hackers hijacking a fake water plant he set up. And aside from spotting the fake, they knew exactly what they were doing.
Kyle Wilhoit, a researcher with security company Trend Micro, explained the details of the whole thing at Black Hat on Wednesday. The hackers that attacked the honeypot are known as APT1 or “Comment Crew” and have been tracked back to the Chinese Army before; this isn’t just some group of high-tech hooligans.
According to Wilhoit, the whole thing was extremely and obviously deliberate. He put it this way to the MIT Technology Review:
You would think that Comment Crew wouldn’t come after a local water authority. I actually watched the attacker interface with the machine. It was 100 per cent clear they knew what they were doing.
This isn’t an isolated case either. Wilhoit also shared information about 12 other decoys that attracted some 74 deliberate attacks from APT1 and other groups, 10 of which were able to completely control of the fake water plants. If the targets had been real and not decoys, the attackers would have had no problem doing pretty much anything they wanted with the infrastructure they managed to snag.
This was all going on long before the US and China decided to sit down and talk about matters, but it’s easy to imagine how this revelation could make things a bit more awkward and complicated. Hopefully decoys are the only things that have gotten taken over. [MIT Technology Review]