Almost a year after Hong Kong witnessed pro-democracy street protests by its students, they have had to face another battle online, this time against hackers sponsored by China who use the latest techniques, never seen before.
This time hackers have come up with something extraordinary: they have planted malware on file-sharing services like Google Drive and Dropbox, tricking victims into downloading malicious files and compromising their sensitive information. Another tactic moves towards specific targets through ‘white lists’ that infect only certain visitors, thereby forcing them onto compromised websites.
According to security experts, such sophisticated techniques are said to be used by top-class hackers from Russia and China, mostly for information extraction and surveillance. This level of hacking shows how crucial China considers Hong Kong, a major financial hub, where 79 days of protests last year brought many regions to a standstill. The level of political unrest on China’s border raised concerns in Beijing.
The chief executive of Hong Kong’s Democratic Party, Lam Cheuk-ting, considers it a reasonable assumption that Beijing is behind hacking at this level, as the party has been the victim of a number of cyber-attacks on its website and on some of its members’ email accounts.
FireEye, the U.S.-based internet security firm, said that these attacks via Dropbox were aimed at the networks of those whom Beijing wants to monitor. The company added that half of its customers in Taiwan and Hong Kong were attacked by professional and government hackers during the first six months of the year.
When asked to explain the continuing hacking, China’s Ministry of Foreign Affairs, Public Security Bureau and the Liaison Office of the Central People’s Government in the Hong Kong Special Administrative Region did not comment. China has denied all the accusations, saying it is a victim too.
Citizen Lab, a Canada-based research organization, said that when Tibetan exile groups did not fall for the spear-phishing attack, hackers switched the malware to the sophisticated Google Drive, which victims would think is a safer place. FireEye has seen this new approach for the first time: hackers luring Chinese journalists in Hong Kong into downloading infected files from Dropbox.
To stay ahead of hackers, activists and others have started using strange words to communicate. Some also use encrypted messaging apps and different SIM chips.
During the Hong Kong district council elections earlier this month, hackers broke into around 20 Gmail accounts belonging to Democratic Party members. It was seen that, between April and June, many hacked accounts forwarded emails to firstname.lastname@example.org. When the Party’s IT experts examined the hackers’ IP address, it was found to originate in China.