China: The Chinese cybersecurity firm Qihoo released a report accusing the CIA (Central Intelligence Agency) of being behind multiple cyber-attacks targeting Chinese entities. Targets of the attacks were located in Beijing, Guangdong, and Zhejiang and dealt with a range of industries including the aviation industry, research intuitions, petroleum industry, Internet companies, and government agencies. Qihoo stated that they believe these attacks were carried out to gain a foothold into targeted systems to allow the CIA long-term intelligence gathering. The attacks were linked back to the CIA through two types of malware, dubbed Fluxwire and Grasshopper. Both of these malware programs were released in 2017 after a backup copy of the CIA’s arsenal was handed over to Wiki Leaks, known commonly as the Vault 7 leak. Shortly after the leak, security companies including Symantec identified malware that they had been tracking for years as being included in the Vault 7 leak. Qihoo linked these attacks on Chinese entities to the CIA by matching attack details such as Command and Control (C2) servers and other Indicators of Compromise (IOCs).
By: Dan McNemar It is not a new concept that criminals use the Darknet to