Chinese hackers took trillions in intellectual property from about 30 multinational companies; CBS News, May 4, 2022

NICOLE SGANGA, CBS News; Chinese hackers took trillions in intellectual property from about 30 multinational companies

"A yearslong malicious cyber operation spearheaded by the notorious Chinese state actor, APT 41, has siphoned off an estimated trillions in intellectual property theft from approximately 30 multinational companies within the manufacturing, energy and pharmaceutical sectors.

A new report by Boston-based cybersecurity firm, Cybereason, has unearthed a malicious campaign — dubbed Operation CuckooBees — exfiltrating hundreds of gigabytes of intellectual property and sensitive data, including blueprints, diagrams, formulas, and manufacturing-related proprietary data from multiple intrusions, spanning technology and manufacturing companies in North America, Europe, and Asia. 

"We're talking about Blueprint diagrams of fighter jets, helicopters, and missiles," Cybereason CEO Lior Div told CBS News. In pharmaceuticals, "we saw them stealing IP of drugs around diabetes, obesity, depression." The campaign has not yet been stopped.

Cybercriminals were focused on obtaining blueprints for cutting-edge technologies, the majority of which were not yet patented, Div said.

The intrusion also exfiltrated data from the energy industry – including designs of solar panel and edge vacuum system technology. "This is not [technology] that you have at home," Div noted. "It's what you need for large-scale manufacturing plants.""

'This is the new reality': Panelists speak for Pitt cyber security institute; Pittsburgh Post-Gazette, 2/3/17

Chris Potter, Pittsburgh Post-Gazette; 

'This is the new reality': Panelists speak for Pitt cyber security institute:

[Kip Currier: This was a fascinating and informative panel at the University of Pittsburgh on February 2, 2017, discussing cyberhacking, efforts to identify hackers and hacker-sanctioning actors/nation states, and responses to hacking threats and incidents.

Two comments (which I'll paraphrase below, without benefit of a transcript) by panelist and Russian journalist Andrei Soldatov, stood out for me:

1. Vladimir Putin's Russia has deftly understood and exploited the distinction between "cybersecurity" and "information security" (the West, Soldatov contends, has focused more on the former).

2. Under Stalin, technical training in Soviet universities and technical institutes did not include study of ethics and the humanities (largely relegated to those in medical professions).]

"The precise identity and motivations of the hackers who leaked sensitive Democratic emails during last year’s presidential election may never be known. But they left fingerprints that were familiar to Andrei Soldatov, a journalist who has written about Russia’s security state for the past 20 years.

Like much of the propaganda back home, Mr. Soldatov said at a University of Pittsburgh panel discussion Thursday, “It’s not about building the positive narrative, it’s about building the negative narrative. … To say everyone is corrupt and no one can be trusted — people will accept this.”

Mr. Soldatov was one of four panelists convened by Pitt’s fledgling Institute of Cyber Law, Policy, and Security and its new director, former U.S. Attorney David Hickton. The discussion drew a few hundred people to the first public event for the center, which focuses on cybercrime and cybersecurity."