 |
| www.deepin.com |
The leadership cadre—respected senior professionals in Chinese network security drawn from major university positions, key Chinese network security (Qihoo 360, Antiy Labs), e-commerce, and social media companies —indicates this could be an important organization in Chinese cyberspace administration and international cooperation. Some have extensive contact with hackers, and at least two have backgrounds in the PLA as defense civilians. Overall, however, this appears to be a cadre whose experience is in cyber defense rather than hacker operations.
Its first interaction outside China was a June 2016 letter to GitHub asking them to take down a posting that was objectionable to the Chinese leadership. This suggests that CSAC will be used to interact with the U.S. and other countries on network security issues from a level that may be considered semi-official by the Chinese Government. International businesses operating in mainland China will likely be impacted by the group’s recommendations or announcements involving international dialogue and information security policy recommendations.
This report details the personnel and backgrounds of those involved, and is provided for situational awareness.
This report details the personnel and backgrounds of those involved, and is provided for situational awareness.
Publication date: 2 September 2016
Handling requirements: Traffic light protocol (TLP) AMBER
Attribution/Threat Actors: Criminal / State Actors
Actor Type: Tier IV
Previous Reporting: DOC-1110, DOC-1624, DOC-2404, DOC-3952, DOC-1623
Industries Targeted: Foreign businesses in mainland China (low confidence)
The full attribution report has been published in its entirety in the Red Sky Alliance portal. For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or feedback@wapacklabs.com.
Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber. Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information. The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.
Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber. Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information. The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.
