Report: China Is Hacking Russia, Too
Moscow may be just “waking up” to the fact that their new partner sees them as a target.
Much has been made about the emerging relationship between China and Russia, two countries that the National Defense Strategy recognizes as near-peer competitors to the United States. They’re already collaborating on research, both are run by autocratic regimes, and neither has much affinity for the United States. But the marriage may not be as steady as Russia, especially, would like others to believe. A new report out of Russia accuses the Chinese government of hacking Russian state targets.
The malware used in the attack, Webdav-O, bears an uncanny resemblance to code that certain Chinese hacker groups use, according to Group-IB, which was founded in Russia but now has offices in other countries.
“Group-IB specialists established that Webdav-O has a set of commands similar to a popular Trojan called BlueTraveller (aka RemShell), which was developed in China and has been linked to the hacker group called TaskMasters,” the report said.
A second Chinese attacker group, TA428, also hit Russian executive authorities in 2020.
“Group-IB experts believe that either both Chinese hacker groups (TA428 and TaskMasters) attacked Russian federal executive authorities in 2020 or that there is one united Chinese hacker group made up of different units,” the group writes.
That matters because Western military leaders have become increasingly concerned about growing ties between the two regimes. A NATO communiqué from June noted that China “is also cooperating militarily with Russia, including through participation in Russian exercises in the Euro-Atlantic area.”
China and Russia are also cooperating on space initiatives to challenge the United States and a wide variety of technology pursuits. But many experts describe the budding relationship as a mostly cosmetic alliance, one that benefits Moscow far more than Beijing. As China grows in power, Russia could become more eager to claim their relationship with China is healthy and growing, especially around technology.
“Chinese-Russian defense cooperation has generated significantly greater gains for China than it has for Russia. Over time, Moscow is poised to grow more dependent on Beijing as long as its standoff with NATO continues,” Eugene Rummer and Richard Sokolsky wrote in a Carnegie Endowment op-ed in June.
Another Russia watcher, Sam Bendett, said officials in Moscow had deliberately downplayed knowledge of Chinese hacks.
“Since Sino-Russian high tech cooperation is elevated to the highest levels, with leaders of both countries publicly promoting such bilateral activity, any discussion of potential Chinese hacking against Russia was a ‘third rail.’ There were few, if any, public admissions of confirmation that such anti-Russian activities are taking place,” said Bendett, a CNA adviser and an adjunct senior fellow at the Center for a New American Security. “So if these allegations are true and the Chinese hackers were indeed state-backed, it shows the difficulty of trying to preserve Sino-Russian high-tech cooperation as above the hacking that is supposed to be done by Russia’s ‘traditional’ cyber adversaries that are constantly singled out by Moscow, i.e., U.S. and NATO.”
When asked for his opinion on the report, Dmitri Alperovitch, co-founder and former chief technology officer of cybersecurity company CrowdStrike, said that Russia is “waking up to the fact that China has been hacking the world out of them for well over a decade.”