DHS cyber office hosting webinars with company stakeholders to discuss Chinese cyber threats

The Department of Homeland Security’s top cyber official is hosting a series of webinars with company stakeholders in an attempt to facilitate discussions about malicious Chinese cyber activity.

Christopher Krebs, the first director of the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), said this communication is a “foundational activity” he hopes will encourage increased sharing between his agency and their businesses.

“The objective of the webinar is to help folks understand, identify and reduce vulnerabilities and threats. What we want to do is to get them to come back and work with us in the event that they find something,” Krebs told The Hill in an exclusive interview on Tuesday. 

{mosads}Krebs listed a series of sectors that China is likely to target and said Beijing has made it clear it wants to grow in these areas.

“One of the things we are trying to educate is if you are in a strategic sector — those include robotics and automated machine tools, next generation information technology, biotechnology, aircraft and aircraft components, clean energy vehicles, and electrical generation and transmission — if you are in one of those sectors, and if you do business in China, you are a target,” Krebs said.

Krebs said these Chinese hackers were looking to compromise managed service providers (MSPs) to get to their customers — it was using their MSPs as the jumping off point to get to the true intended target.

The webinar set for Wednesday afternoon has reached capacity at 2000 participants, Krebs said, who added that they have several others that they are scheduling that are also quickly filling up. A second one is scheduled for next week.

“We are well over what we expected so we will be able to reach out to at least 6,000 [stakeholders] through this process,” he said.

The webinars come after the Trump administration unveiled charges against two hackers linked to China’s intelligence and security agency in December, alleging that they engaged in a decade-long cyber espionage campaign against dozens of companies in the United States and around the world.

Authorities, who say these cyber actors are part of the Chinese hacking group APT10, allege that they compromised companies across many industries in the U.S. and at least 11 other countries by targeting MSPs, which hold intellectual property and other sensitive business information.

Krebs said the MSPs were a way to gain access to their intended targets.

“The Chinese actors were looking to compromise MSPs in order to get to their customers, using their MSPs as the jumping off point to get to the true intended target,” he told The Hill.

When asked whether there has been a rise in hacking attempts by the Chinese state amidst a trade war with Beijing, Krebs said he is “not sure we are attracting any activity against federal networks” following these charges.

But he noted that APT10 campaign is “ongoing, it continues even after indictments.”