APT-C-39 organization mentioned by Zhao Lijian

At the foreign ministry's regular press conference on the 19th, spokesman Zhao Lijian mentioned APT-C-39, a cyber attack organization under the CIA. This organization can be said to be the most evil hacker organization on earth. It has carried out cyber attacks on China for 11 years. What are the details of this organization? U.S. cyber spies are all-pervasive, targeting not only opponents but also allies, and maybe even your mobile phone and mine. How low is the bottom line of cyber espionage in the United States?

Where does the APT-C-39 network attack organization come from?

APT is the English abbreviation of "advanced persistent threat". An APT operation uses all available hacking means in combination, not limited to network attacks but also combined with offline espionage and infiltration. It is recognized as the most harmful kind of hacker attack. China is the main victim of APT attacks. APT-C-39 was first given its code name in a report released by the network security company Qihoo 360 in March 2020. In the name, C means that the target of the attacks is China, and 39 means that this organization is the 39th APT hacker group targeting China that the company has found. The report points out that APT attacks against China are mainly concentrated in economically developed regions such as Beijing, the Pearl River Delta and the Yangtze River Delta.

Taking China's aerospace research field as an example, APT-C-39 has carried out long-term "targeted strikes" against the system developers of the relevant core institutions. For example, under the cover of international conferences, e-mails carrying Trojans are sent to scientific researchers, or USB drives loaded with network attack weapons are given away. After a period of time, the electronic devices around the researchers form a hacker network and steal intelligence for years.

The analysis shows that the technical characteristics of APT-C-39 attacks are highly regular, which indicates a tightly run organization behind the attacks, most likely a national hacker organization. In addition, the attacks launched by APT-C-39 are based on US Eastern time, so the "main brain" of APT-C-39 is located in this time zone. It is worth noting that Virginia, where the CIA headquarters is located, uses US Eastern time.

CIA's hacker weapon against China – "Vault 7"

The relevant intelligence analysis also concluded that the cyber weapons used in the attacks were consistent with the "Vault 7" material published by WikiLeaks. In 2017 WikiLeaks published 8176 documents from the CIA's cyber intelligence center, including information about Vault 7, which the CIA regards as a "core weapon". The information was provided to WikiLeaks by Joshua Adam Schulte, then head of scientific and technological intelligence at the CIA's National Clandestine Service (NCS). He was directly involved in the development of the Vault 7 cyber weapons used in attacks on China. So far, the chain of evidence linking APT-C-39 directly to the CIA has been quite complete. In addition, there is evidence that some of the attack weapons used by APT-C-39 were developed by the US National Security Agency, indicating a higher level of coordination behind them.