Chinese foreign ministry dismisses ‘Deep Panda’ hacking claims

Chinese foreign ministry spokesperson, Hong Lei, today dismissed the latest ‘Deep Panda’ hacking claims by security firm, CrowdStrike, while also taking a swipe at the United States’ own international cyber espionage track record.

Chinese foreign ministry spokesperson, Hong Lei, has taken a swipe at the United States' cyber espionage track record while dismissing fresh Chinese paramilitary hacking claims by researchers at US security firm, CrowdStrike.

"China opposes and severely cracks down on all forms of cyber-hacking," said Hong at a press conference on 8 July. "Some US internet security firms turn a blind eye to the threat posed by the US to other countries through the internet and are bent on stirring things up by constantly talking about 'China Internet Threat'. The so-called evidence they produce is untenable and not worth commenting."

The comments follow fresh allegations by CrowdStrike's co-founder and CEO, Dmitri Alperovitch, of hacking by Chinese cyberattack group Deep Panda — this time suggesting that the group had compromised national security think tanks to steal confidential data concerning US foreign policy.

In a blog post published on 7 July, Alperovitch said that CrowdStrike had detected multiple simultaneous compromises at several national security think tanks "from an actor we call Deep Panda, one of the most advanced Chinese nation-state cyber intrusion groups."

According to Alperovitch, for almost three years CrowdStrike has monitored Deep Panda as it targets critical and strategic business sectors, including government, defence, financial, legal, and the telecommunications industries.

At the targeted think tanks, according to Alperovitch, the company detected the targeting of senior individuals involved in geopolitical policy issues, in particular in the China/Asia Pacific region, and last week saw "a radical change in targeting".

"This actor, who was engaged in targeting and collection of Southeast Asia policy information, suddenly began targeting individuals with a tie to Iraq/Middle East issues," said Alperovitch. "This is undoubtedly related to the recent Islamic State of Iraq and the Levant (ISIS) takeover of major parts of Iraq and the potential disruption for major Chinese oil interests in that country. In fact, Iraq happens to be the fifth-largest source of crude oil imports for China and the country is the largest foreign investor in Iraq's oil sector.

"Thus, it wouldn't be surprising if the Chinese government is highly interested in getting a better sense of the possibility of deeper U.S. military involvement that could help protect the Chinese oil infrastructure in Iraq. In fact, the shift in targeting of Iraq policy individuals occurred on June 18, the day that ISIS began its attack on the Baiji oil refinery," he said.

According to a report by Reuters, another representative for China's embassy in Washington, press counsellor, Geng Shuang, also dismissed the claims, saying that the Chinese government was working to combat such activities.

He also suggested that Alperovitch's comments were designed merely to drum up business for the security firm.

"The blog post seems like an ad for CrowdStrike, which has been alarming people on the threat in cyber space for quite some time. I surmise it has been helpful to their business," said Geng, according to Reuters.

In June, CrowdStrike said it had identified another cyber espionage group with links to the Chinese military, dubbed Putter Panda, which had been systematically attacking US and European government partners in the space and satellite industry, according to the firm.

Show Comments