Analyzing Chinese Information Operations with Threat Intelligence

preview_player
Показать описание
This year, Chinese Information Operations (InfoOps) on social media platforms have received unprecedented attention across the globe. In major events such as the Hong Kong protest, the COVID-19 pandemic, and the U.S. presidential elections, the Chinese threat actors have weaponized social media to shape narratives and manipulate online users for the strategic interest of the People's Republic of China. TeamT5 Inc., as a cybersecurity firm based in Taiwan, has been investigating Chinese InfoOps since 2016. By adopting the mindset of threat intelligence, we have managed to illustrate the Chinese InfoOps threat landscape as well as identify threat actors emerging across social media. In this presentation, we will share trends in Chinese InfoOps which we observed this year. First, we will demonstrate the overt operations launched by the state media, embassies, and diplomats, which involve the propagation of conspiracy theories and disinformation, as well as the mobilization of patriotic netizens (a.k.a Little Pink) to conduct verbal attack or doxxing against dissidents. Then, we look into the covert operations, which can be observed in pro-China Facebook pages, content farms, and spam botnet. More importantly, we believe advanced persistent threat (APT) actors might have entered the InfoOps threat landscape. APT actors, typically a state-sponsored hacker group, usually conduct prolonged and targeted cyberattacks to mine highly sensitive data. However, in 2020 mid-July, we identified an InfoOp targeting Taiwanese authorities that can be linked to a notorious Chinese APT group which our intelligence team has tracked for years. We assess this is a targeted social media campaign spreading disinformation based on highly confidential data, and it could be used against other countries and cause distrust and chaos in democratic societies. Due to threat actors' fast-evolving tactics and social media's fast-changing nature, it is often difficult to identify the threat actors before they cause widespread disinformation. In this case, threat intelligence can help to combat the issue by providing better understanding and instant insights into actor methodologies and exposing potential risks.

Che Chang, Cyber Threat Analyst, TeamT5
Silvia Yeh @silvia_yeh, Cyber Threat Analyst, TeamT5

#CTISummit #cyberthreatintelligence
  1. SANS Digital Forensics and Incident Response
  2. digital forensics
  3. incident response
  4. threat hunting
  5. cyber threat intelligence
  6. dfir training
Рекомендации по теме
Analyzing Chinese Information

Analyzing Chinese Information Operations with Threat Intelligence

[CB20]Dissecting China’s Information

[CB20]Dissecting China’s Information Operations with Threat Intelligence

Information Bedlam: Chinese

Information Bedlam: Chinese Information Operations During Covid-19

One Year On:

One Year On: Russian and Chinese Information Operations During Covid-19

Unrestricted Warfare on

Unrestricted Warfare on Campus: Chinese Information Operations and American Higher Education

Clip Addiction: A

Clip Addiction: A Threat Intelligence Approach to Video-Based Chinese InfoOps

China's Military Cyber

China's Military Cyber Operations: Has the Strategic Support Force Come of Age?

Chinese Intelligence Operations:

Chinese Intelligence Operations: Analysis of Operations and Tactics in Economic Espionage 2-16-21

Countering Chinese and

Countering Chinese and Russian Digital Influence Operations

Overlaps between Cyber,

Overlaps between Cyber, Information, and Intelligence Operations

Telling China’s Story:

Telling China’s Story: The Chinese Communist Party’s Campaign To Shape Global Narratives

China’s Influence Campaign

China’s Influence Campaign Targeting the Hong Kong Protests: What the Data... | CYBERWARCON 2019

Dissecting How Chinese

Dissecting How Chinese Hackers Breached Verizon, AT&T and Lumen | WSJ

Recent Trends in

Recent Trends in Information Operations and Predictions for 2020

Hoover Institution Workshop

Hoover Institution Workshop On Using Text As Data In Policy Analysis (Part 4)

The China Index:

The China Index: Measuring PRC Influence Around The Globe | Hoover Institution

Rethinking Series 2017-18:

Rethinking Series 2017-18: Dean Cheng on 'Evolving Chinese Views of Information and Security&ap...

A French analysis

A French analysis on China: Three warfares & PLA operations

PRC Cyberattacks on

PRC Cyberattacks on Taiwan: What the U.S. Should Learn from Them

Chinese Cyber Power

Chinese Cyber Power

Russian and Chinese

Russian and Chinese Ships Hold Joint Drills in the Pacific, Russian Agencies Report | GRAVITAS

Post-Mortem: Russian and

Post-Mortem: Russian and Chinese COVID-19 Information Operations

Latest Pentagon report

Latest Pentagon report on China's plans for PLA and world domination, implications for India

Alleged DIA leaker.

Alleged DIA leaker. Europol cybergang study. Protecting the DIB. Chinese information operations.

Комментарии
Автор

Pangasinan in the Philippines is part and annexed by China before the Spanish from 1405 to 1580. Lingayen is founded by Chinese

derptrolling
Автор

The Chinese government needs to be taught a hard lesson.
If everyone would just turn their phones off for one hour and stay home this would completely shutting down the flow information.
Expand to a whole day and repeat often.

williammielenz