Security Firm Exposes Role of Beijing Research Institute in China’s Cyber Operations


Recorded Future has uncovered ties between the Beijing Institute of Electronics Technology and Application (BIETA) and China’s Ministry of State Security (MSS), the country’s primary civilian intelligence service.

BIETA, the cybersecurity firm says, was likely established in some form in 1983, the same year the MSS was created, and supports, together with its subsidiary Beijing Sanxin Times Technology Co (CIII), MSS operations across various activities.

Most likely led by the MSS and headquartered in the ministry compound, BIETA is believed to research, create, and sell technology in support of the country’s intelligence, counterintelligence, and military operations, Recorded Future’s report shows.

“Their activities include researching methods of steganography that can likely support covert communications (COVCOM) and malware deployment; developing and selling forensic investigation and counterintelligence equipment; and acquiring foreign technologies for steganography, network penetration testing, and military communications and planning,” the cybersecurity firm says.

Although they do not engage in illicit activity, BIETA and CIII are almost certainly front organizations of the MSS, which engages in political and domestic cybersecurity, strategic, economic, and technological intelligence, and counterintelligence and counterespionage, and creates tools for intelligence officers and their affiliates.

BIETA comprises at least four research labs, focused on communication, multimedia information security, and electromagnetic technology, as well as hybrid integrated circuits, and has a quality testing center covering integrated circuits, networking, multimedia and audio-visual, and product integrated testing.

In addition to communication, information processing, information security, computer vulnerability, and signal technologies, BIETA researches cryptography, forensics technology, networking, steganography, and technology miniaturization.

At least four BIETA personnel, namely Wu Shizhong, He Dequan, You Xingang, and Zhou Linna, are linked to the MSS, and three of them are very likely MSS personnel, Recorded Future says.

Advertisement. Scroll to continue reading.

The cybersecurity firm also uncovered a focus on steganography, the technology of hiding information within otherwise ordinary data. Both BIETA and CIII research it, most likely in support of defensive and offensive MSS operational activities.

“In addition to other support, BIETA and its subsidiary, CIII, almost certainly facilitate the MSS’s and state security system’s missions by developing steganographic capabilities and selling security equipment,” Recorded Future notes.

Not only have Chinese APTs been observed using steganography to deploy malware, but CIII advertises on its website technology that supports the discovery of steganography in various file types, along with various foreign software that it likely resells.

Security and forensic investigation products and services that CIII provides cover counterintelligence investigations, prevention of data collection, signal jamming, and preventing electronic devices from entering a given area. A fingerprint-secured USB drive certified in 2006 is also likely developed by CIII or BIETA.

According to Recorded Future, the MSS also benefits from BIETA and CIII’s access to international expert communities, collaboration with other academics, participation in international conferences, and access to foreign technology, which creates technology transfer risks.

“How often BIETA and CIII conduct business outside of China or collaborate with foreign experts is unknown. However, foreign export control authorities concerned about the Chinese intelligence community and military’s access to COVCOM technologies like steganography, network simulation, penetration testing, and 3D and communications modeling technologies should review these entities,” Recorded Future notes.

Related: Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware

Related: Report Links Chinese Companies to Tools Used by State-Sponsored Hackers

Related: Mobile Forensics Tool Used by Chinese Law Enforcement Dissected

Related: A Gigantic New ICBM Will Take US Nuclear Missiles Out of the Cold War-Era but Add 21st-Century Risks



Source link

About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.