MSS publicizes typical case to remind public of overseas cyber ransom attacks
Published: Mar 21, 2024 02:32 PM
Photo: CFP

Photo: CFP

China's national security authorities publicized on Thursday a typical case of cyber ransom attack to help the public raise their awareness over online blackmail and attacks from overseas, which not only affect social stability and economic development but also threaten China's national security and interests. 

A Chinese high-tech company recently filed a report through the hotline 12339 about targeted overseas cyber extortion attacks, with its relevant information systems and data been encrypted and locked, production and business operations forced to come to a halt, said the Ministry of State Security (MSS). 

The national security agency dispatched specialists to conduct a thorough investigation. Through on-site inspection of the situation and technical forensic analyses, they helped the company identify the source of the overseas attacks, remove a Trojan virus, repair technical and security loopholes and fully restore the normal operation of the company, said the MSS. 

After investigations, the national security agency found that in addition to the ransom attack against the aforementioned company, the overseas hacker organization had penetrated the network systems of hundreds of Chinese domestic enterprises and government departments, preparing to conduct larger-scale criminal activities. 

The increasingly rampant online extortion has posed an imminent public safety hazard to Chinese individuals and organizations in recent years. In response, the national security agency issued warnings to departments and took measures to prevent major economic losses and leakage of sensitive data. 

According to the MSS, ransomware is a type of malicious software used by hackers to hijack users' networks and carry out blackmail. Overseas hacker organizations usually utilize methods such as phishing emails, software and application vulnerabilities, injecting malicious codes into websites to illegally obtain access permissions to victims' devices and encrypt their data. These attacks may cause the victims' network systems to become paralyzed and unusable, thereby threatening the victims with ransom demands. 

In a bid to restore the system as quickly as possible, victims are often obliged to pay hefty ransoms. Additionally, attackers may seize the opportunity to steal sensitive data and classified information from the victims. When these data and materials are obtained by foreign intelligence agencies and malicious people with ulterior motives, they could pose a serious threat to China's national security, according to the MSS. 

The MSS reminded the public to prevent the risks from four aspects including remaining alert when opening suspicious emails and refraining from downloading or using software from untrusted sources, upgrading software and fixing technical vulnerabilities, increasing the frequency of backing up critical data and implementing off-site data backup, as well as cooperating with the national security authorities in investigation and gathering evidence to combat overseas cyber extortion attacks. 

According to China's Counter-espionage Law, espionage refers to any activity of attacking, hacking into, interfering with, controlling or sabotaging the networks of a state organ, secret-related entity or key information infrastructure, conducted by an espionage organization or its agent, or by anyone instigated or funded by such espionage organization or its agent, or by a domestic or overseas institution, organization or individual in collusion with such espionage organization or its agent. 

Global Times