Chinese targeted Israel in massive cyber attacks, stole sensitive data and trade secrets

Hackers acting on behalf of the Chinese government also targeted Iran and Saudi Arabia.

By Lauren Marcus, World Israel News

Hackers acting on behalf of the Chinese government carried out massive cyber attacks against Israel, Saudi Arabia, Iran and other countries in recent years, stealing sensitive information relating to trade and business, a bombshell report revealed Monday.

FireEye, a cybersecurity company based in California, said that they’d been tracking the “operational tactics, techniques, and procedures of a Chinese espionage group” since 2019.

In one huge attack that took place from 2019 to 2020, dozens of Israeli defense and private security companies were compromised by Chinese hackers who stole hundreds of documents, along with emails and data.

The purpose of the attacks was not sabotage, FireEye clarified– rather, China exploited loopholes in the companies’ servers to obtain business intelligence and technology and trade secrets.

After an analysis of the tools used for the hacking, FireEye determined that the Chinese State Security Ministry and intelligence bureau were the originators of the attack.

The Chinese focus on Israeli technology underscored “China’s consistent strategic interest in the Middle East,” the report noted.

“This cyber espionage activity is happening against the backdrop of China’s multi-billion-dollar investments related to the Belt and Road Initiative (BRI) and its interest in Israeli’s robust technology sector.”

Read  'There’s no accountability': Senators berate cybersecurity officials for response to 'disturbing and widespread' Chinese hack of US telecoms

As China investment in Israeli business grows, including infrastructure deals worth billions of dollars, the hacking may be seen by the Chinese as simply a part of doing their due diligence.

“Their goal isn’t necessarily always to steal intellectual property; it’s possible that they’re actually looking for business information,” Sanaz Yashar, one of FireEye’s lead investigators into the hacking, told Haaretz.

“In the Chinese view, it’s legitimate to attack a company while negotiating with it, so they will know how to price the deal properly.”

Israel wasn’t the only Middle Eastern company targeted by state-backed hackers. Saudi Arabia, Iran, Uzbekistan and a number of other countries were also found to have been the victims of cyber attacks launched by China.

The Chinese embassy in Tel Aviv flatly denied the report in a statement.

“The FireEye report’s baseless accusations against China on cybersecurity issues are defamation for political purposes,” the embassy said.

“China is a staunch upholder of cybersecurity. It has always firmly opposed and combated cyber attacks launched within its border or with its network infrastructure.”

>