U.S. government employees laid off as part of the Trump administration's cutbacks have been subjected to a Chinese state-backed cyberespionage campaign involving fraudulent recruitment sites and social media, according to Cybersecurity Dive.
Attackers leveraged a network of five companies purporting to be based in the U.S., Japan, and Singapore, namely Smiao Intelligence, Dustrategy, Tsubasa Insight, RiverMerge Strategies, and Wavemax Innov, hosted on the same Tencent-owned server to facilitate the scheme, with Smiao being the only legitimate company and the rest having been established by individuals affiliated with the China-based firm, a report from the Foundation for Defense of Democracies revealed. Such intelligence operations were akin to a U.S. military and federal worker-targeted recruitment effort in 2018 involving the exploitation of LinkedIn and a bogus consulting firm, which led to the imprisonment of Singaporean operative Jun Wei Yao. "Historically, China's efforts to recruit current and former government employees typically focus on people with access to sensitive information. Even a government employee's resume may provide valuable, unclassified information to the PRC about the inner workings of the U.S. government," said FDD Center on Cyber and Technology Innovation analyst Max Lesser.
Attackers leveraged a network of five companies purporting to be based in the U.S., Japan, and Singapore, namely Smiao Intelligence, Dustrategy, Tsubasa Insight, RiverMerge Strategies, and Wavemax Innov, hosted on the same Tencent-owned server to facilitate the scheme, with Smiao being the only legitimate company and the rest having been established by individuals affiliated with the China-based firm, a report from the Foundation for Defense of Democracies revealed. Such intelligence operations were akin to a U.S. military and federal worker-targeted recruitment effort in 2018 involving the exploitation of LinkedIn and a bogus consulting firm, which led to the imprisonment of Singaporean operative Jun Wei Yao. "Historically, China's efforts to recruit current and former government employees typically focus on people with access to sensitive information. Even a government employee's resume may provide valuable, unclassified information to the PRC about the inner workings of the U.S. government," said FDD Center on Cyber and Technology Innovation analyst Max Lesser.
