Shanghai police leak reveals China to be as vulnerable as any nation
Vilius Petkauskas, Journalist. Updated on: 04 August 2022
Image by Edgar Su/Reuters.

The record-breaking leak, if confirmed, would show that Chinese organizations deal with the same security issues as the West does.

Reports show that most ransomware gangs focus on organizations in the US, UK, EU, Australia, or Canada, and therefore it’s easy to view countries in the Western hemisphere as more susceptible to attacks.

However, the recent data leak from the Shanghai National Police (SHGA) serves as a reminder that similar security issues persist throughout the globe. If confirmed, the SHGA leak would become the largest of its kind ever, flooding the dark web with data on a billion people.

According to Andrew Hollister, CSO at security intelligence company LogRhythm, almost all organizations that experienced a data breach have some sort of cybersecurity program in place, and there is no reason to assume that the situation is any different in China.

“In general, it tells us that they suffer from the same problems as the rest of the world. […] Almost every organization on the planet that has been breached has some sort of cybersecurity program, and there is no reason to assume that it is any different in China,” Andrew Hollister, CSO at security intelligence company LogRhythm, said.

What would it take for the leak to be verified, apart from confirmation from the Shanghai police?

A data breach of some kind has taken place, but it’s difficult to verify the exact extent. Some data has been shared with media outlets, but confirmation apart from the Chinese authorities would only be possible in the form of a review of the full dataset.

Given information constraints on how the leak happened, what’s your ‘best guess scenario’ on how threat actors managed to get hold of such an immense amount of data?

There have been several theories, but the latest information appears to point to a misconfiguration of a cloud-provided service, leaving the data freely available to anyone who could find and download it. Most breaches start with either phishing or compromise of remote access services, but we’ve seen many examples worldwide of insecure configurations, and services that are entirely unsecured or using default credentials.

What does a leak of this magnitude say about cybersecurity practices in the Shanghai police? Do you think it’s possible all of the sensitive data was stored on a single database?

In general, it tells us that they suffer from the same problems as the rest of the world. Success in cybersecurity starts with basics such as strong password hygiene, multi-factor authentication, securing external facing services, and ensuring that highly sensitive personally identifiable information is properly protected. Almost every organization on the planet that has been breached has some sort of cybersecurity program, and there is no reason to assume that it is any different in China.

If the reports of an unsecured or misconfigured cloud service are true, this is something that is commonly seen and speaks to the importance of understanding the services you are consuming. According to an IBM report, one of the most common initial attack vectors was cloud misconfigurations at 15% of breaches. This shows that cloud providers have a responsibility to deliver services that are secure by default, or at least make it easy to choose the secure option and flag potentially insecure configurations.

Since China is known to have massive surveillance of its citizens, it would not be surprising if all the data was contained within one system or a single repository.

The post on an online marketplace, announcing the data breach. Image by Cybernews.

Mentions of the leak were censored on Chinese social media networks. What does that say about China’s attitude towards accountability for cybersecurity incidents?

Social media networks seem to be routinely censored in China, so I don’t think this tells us much. However, it does lend some additional credence to the breach claims.

The authorities have been emphasizing the importance of cybersecurity and have made efforts to make corporate organizations take data privacy seriously, but I don’t think we can imply much about the attitude of the Chinese from the social media actions.

While they haven’t spoken to this breach directly, state-sponsored media have commented on government meetings addressing information security and data privacy in general terms.

Do you think the leak might have national security implications for China? Do you believe nation-states are going through the data to collect information on persons in high-profile military, or intelligence roles?

We don’t know enough details about the context of the breach to make any assessment of this. The assumption would be that a breach of that size would contain information on high-profile individuals, but whether the police are permitted to capture and store information about those individuals is another question altogether. Nevertheless, the potential for this certainly remains an interesting prospect that I feel nation-states outside of China would have great interest in.

Beyond that, the scope for impersonation and fraud using personal details is huge, as is the possibility for blackmail and revenge. Therefore, the inclusion of criminal records or even cases that didn’t result in a conviction on the database must also be of great concern.

What lasting effect will the leak, if confirmed, have on the cybersecurity landscape in China?

China did implement new data privacy laws, including the Personal Information Protection Law and the Data Security Law last year, which were applicable to private companies, but I believe not to the government. Whether there will be moves to extend that to government entities, or if they will implement other measures is unknown. Regardless, this must be causing the authorities there to take a good hard look at the cybersecurity posture of their government departments.

There are some signs of other breaches coming to light since this one, but it’s not confirmed if that is because there have been more, or that some previously unknown breaches are now being reported and criminals are trying to make money from them.
