←back to thread

PRC Targeting of Commercial Telecommunications Infrastructure

(www.fbi.gov)
286 points 2OEH8eoCRo0 | 3 comments | 14 Nov 24 00:59 UTC | HN request time: 0.001s | source
Show context
clwg ◴[14 Nov 24 02:45 UTC] No.42132630[source]
I was working with MISP[0], an open-source threat intelligence sharing platform, and came across a really interesting dataset from the Australian Strategic Policy Institute on China's technology research institutions[1]. I liked the data so much I built a quick cross-filter visualization on top of it to help explore it[2].

The data offers a fairly comprehensive and interesting perspective on China's research priorities and organization, I can't speak to the effectiveness of the programs themselves, but it does make me concerned that we are falling far behind in many areas, including cyber security.

[0] https://www.misp-project.org/

[1] https://raw.githubusercontent.com/MISP/misp-galaxy/refs/head...

[2] https://www.layer8.org/8541dd18-ff05-4720-aac7-1bd59d3921dd/

replies(5): >>42132801 #>>42133485 #>>42134891 #>>42137891 #>>42143837 #
acheong08 ◴[14 Nov 24 03:17 UTC] No.42132801[source]
> we are falling far behind in many areas, including cyber security

In terms of quantity and quality of talent, I don't think the western world would fall behind China, especially with their strict control of information. Most people there will have difficulty independently learning about cybersecurity.

The difference is that most talent is captured by the private sector with higher compensation or bounties. Meanwhile, China can very easily compel anyone they need into the government so the % utilization on outward attacks is probably higher.

replies(10): >>42132860 #>>42132946 #>>42133034 #>>42133113 #>>42133133 #>>42133189 #>>42133488 #>>42133564 #>>42133646 #>>42135370 #
dluan ◴[14 Nov 24 03:27 UTC] No.42132860[source]
> Most people there will have difficulty independently learning about cybersecurity.

Speaking from my own limited anecdata, but since the 90s in order to use the internet in China you basically had to be somewhat proficient in "cybersecurity" just because of all the required hoops to jump through. There were definitely a lot of script kiddies, but the Chinese exploit scene (amateur and professional) has always been bustling. And just personally speaking, the most truly awe-inspiring and resourceful hackers I've ever known have been Russian, or Chinese. Like actual 10x engineers who think that walls put in place for other people don't exist for them.

replies(1): >>42133499 #
coretx ◴[14 Nov 24 06:02 UTC] No.42133499[source]
Western society is criminalizing and repressing such culture, so China has already won because they fail at doing the same.
replies(1): >>42133669 #
1. Aeolun ◴[14 Nov 24 06:41 UTC] No.42133669[source]
They are very clear about who is a valid target though. I think you’ll quickly find that those attacking domestic targets rapidly disappear.
replies(1): >>42135400 #
2. medo-bear ◴[14 Nov 24 12:03 UTC] No.42135400[source]
Kinda works both ways. In many western countries you still go to jail for refusing to give private encryption keys
replies(1): >>42136355 #
3. coretx ◴[14 Nov 24 14:23 UTC] No.42136355[source]
Or they convict you for money laundry because you developed a crypto phone they can't crack and don't have any legal means to destroy you. ( Dutch example, and yes - the guy payed taxes everything, they made him hang because of a single client of a client his client his client being involved with shady things. ) State-Spite, Repression and such is rising globally. The rule of law is gone.