China is now trying to hack into U.S. networks to exploit the ongoing trade war, experts say.
Chinese cyber hackers have been secretly building a "back door" that allows them to infiltrate U.S. company networks at a fraction of the cost to build them from scratch, cybersecurity firm Check Point said in summary of the report, which was released Thursday.
China is one of the most active nation-state threat actors in the field of cyber warfare, Check Point said in a statement sent to Fox News, adding that as the U.S.-China trade war escalates, the Chinese are trying to position themselves to carry out larger and more sophisticated cyber-attacks.
We are witnessing the “application of the same IP theft methodologies, but now in an area that is way harder to fight against,” Mark Lechtik, lead cyber security researcher at Check Point, told Fox News.
The key strategic aim is to get inside U.S. company networks then spread quickly within those networks, Check Point said.
China builds its cyber warfare tools by tapping into U.S. computer exploit tools, according to Check Point. One way of doing this is the so-called exploit tactics. American companies spend millions on ways to combat computer exploits used for cyber attacks. This has “inspired Chinese hackers to build a secret path to garnish those resources for their own,” Check Point said.
The report cites a blog from cybersecurity giant Symantec outlining an NSA (National Security Agency)-like exploit used by a Chinese state-sponsored group named APT3 prior to 2017, the year in which a number of NSA exploits were leaked by a group named The Shadow Brokers.
“The leak of NSA tools by the Shadow Brokers in 2017 has shown how the US has immense in-house exploit [capabilities]. The Chinese would obviously want to get to the same capabilities, but their way to gain those powers is different from that of the U.S.” the report said.
Check Point: how the Chinese do it
Check Point Research analyzed the malicious tool used by APT3 and learned that the Chinese group was monitoring computers that were compromised by the NSA, capturing traffic from the attack then leveraging it to reverse engineer vulnerabilities.
Usually, these tools are built in-house or purchased from a third party, Check Point said. But in this case the tools obtained by the Chinese are reverse engineered from the U.S. for use in their own hacking arsenal, according to Check Point.
“The Chinese were able to build their own exploitation tool that looked almost the same as the American one but was actually built in China,” the report said.
"This...suggests a narrative where China and the US are engaged in a cyber arms race to develop new exploits," the report added.
Fox News has reached out to the Chinese government with a request for comment on this story.