Wapack Labs received information that a senior Chinese hacker received an invitation to attend a Chinese military and aerospace technologies exposition in Beijing in September 2016. This expo was sponsored by the China Aerospace Science and Technology Corporation (CASC) as part of its military-to-civilian technology transfer effort. Equipment scheduled for exhibit included smart terminals, smart wearable equipment and systems, robotic systems, advanced sensors, security warning equipment, satellite communications, battlefield and soldier communications systems, imagery processing and visualization technologies, nano-materials, and stealth materials. Invitees included the Central Military Commission (CMC) Joint Staff Department, CMC Logistics Support Department, CMC Equipment Development Department, as well as Navy, Army, Air Force, and Rocket Forces organizations. Media reports of the event indicated there were about 200 attendees, although photo coverage of the event did not show any military present in uniform.
This event highlights the role that CASC plays for China in technology transfer from aerospace and the military into the civilian sector. The fact that a hacker received the invitation at least suggests that collection operations related to the technologies exhibited at the expo could have been part of the discussion. If some military representatives attended, including organizations with a cyber collection role, it would probably be part of the CMC Joint Staff Department representation.
Publication date: 29
October 2016
Handling requirements: Traffic
light protocol (TLP) AMBER.
Attribution/Threat Actors: State
Actors
Actor Type: Adversary
capabilities have been assessed as Tier
IV*
Previous Reporting: PIR 4.21.16; PIR 2.25.15
Industries Targeted: Aerospace manufacturing, Government Contractors.
*Criminal or state actors who are organized, highly technical, proficient, well-funded professionals working in teams to discover new vulnerabilities and develop exploits.
The full attribution report has been published in its entirety in the Red Sky Alliance portal. For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or feedback@wapacklabs.com.
About Wapack Labs
Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber. Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information. The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.