Cyberattackers linked to the Chinese government are attacking pharmaceutical and technology firms to steal their intellectual property, with 13 attempts identified during the past 30 days alone.
Many of the intrusions were carried out through Web server compromises, with SQL injection being the preferred vector for implanting malware scripts that provide privileged access to internal networks.
The intrusion attempts are continuing to this day, with many of the China-affiliated actors persistently attempting to regain access to victim networks.
These hackers can be traced back to Beijing based on the tools and servers they use, the hours they appear to keep and the data they target.
This would be a violation of a recent agreement between Washington and Beijing not to hack private firms to steal intellectual property.
How CA Veracode Can Help
Most organizations have thousands of web-facing applications — including many that IT operations may not even be aware of, such as cloud-hosted sites, temporary marketing sites and sites inherited via M&A.
CA Veracode addresses this visibility gap by creating a catalog of all web applications via a massively parallel, auto-scaling, AWS-based cloud infrastructure that continuously scans thousands of sites simultaneously.
Unlike traditional network discovery tools, our Discovery service uses a combination of advanced search techniques – such as DNS keyword searches, search engine queries, production-safe crawling, analyzing page redirects and machine learning – to quickly identify unknown sites outside your normal corporate IP range.
CA Veracode then baselines your application risk by quickly identifying the most exploitable vulnerabilities, such as those found in the OWASP Top 10 (e.g., SQL Injection, Cross-Site Scripting).
You can then rapidly address them by identifying unnecessary sites that can be shut down, feeding security intelligence information from the CA Veracode platform to your WAFs, and providing actionable remediation feedback to your developers.
CrowdStrike: The Latest on Chinese-affiliated Intrusions into Commercial Companies
Phil Neray is CA Veracode's vice-president of corporate & product marketing and has been involved with cyber-security for 15+ years. He was previously VP of security strategy and marketing at Guardium, an enterprise security company acquired by IBM. Phil is CSA-certified in cloud security (CCSK), holds a BSEE from McGill University and has a black belt in American Jiu-Jitsu.