Some readers in undecided countries may require visceral evidence of the Huawei hazard. While hacking a website is old news, China is a corporate state where hacking is a tool in general use. The hacks documented below have limited effect because, with the exception noted by Bloomberg, China has not infiltrated U.S. server infrastructure at the hardware level. Quoting Bloomberg, “New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom”:
A major U.S. telecommunications company discovered manipulated hardware from Super Micro Computer Inc. in its network and removed it in August, fresh evidence of tampering in China of critical technology components bound for the U.S., according to a security expert working…
There are many ways to hack a website. Since the security of commercial servers is professionally maintained, the softer target is the client software hosted on a server, as exhibited below. The attack shown originated today from IP 126.96.36.199, which, by reverse-DNS lookup, resolves to “CHINA UNICOM China169 Backbone, Beijing.” Although there are many kinds of attacks, this one typifies the thousands of hacking attempts recorded in the website log.
Chinese hackers targeting Intel9 showed little interest in geopolitics. The intensity of attacks seen by Intel9 spiked in reaction to technical content. Conversely, Russian interest correlates more with their refined approach to HUMINT.
Each line below represents an attempt, this morning, to access a nonpublic file at the core of a WordPress installation. The location of the file is on the left. The result code, “404,” indicates that the attacker failed to access the file.
//x.php www.intel9.us 404 05-21-19 11:56 am
//lx.php www.intel9.us 404 05-21-19 11:56 am
//plus/mybak.php www.intel9.us 404 05-21-19 11:56 am
//data/cache/flye.php www.intel9.us 404 05-21-19 11:56 am
//plus/read.php www.intel9.us 404 05-21-19 11:56 am
//plus/lucas.php www.intel9.us 404 05-21-19 11:55 am
//data/cache/asd.php www.intel9.us 404 05-21-19 11:55 am
//plus/laobiao.php www.intel9.us 404 05-21-19 11:55 am
//fdgq.php www.intel9.us 404 05-21-19 11:55 am
//Config_Shell.php www.intel9.us 404 05-21-19 11:55 am
The attacks failed, in large part because China has not, at least on a large scale, infiltrated server hardware. Such infiltration embodies the Huawei threat.
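The log excerpt above can be triaged automatically. The following is an added example, not part of the original post or the site's own tooling: it parses lines in the format shown, recognizes the burst of 404 probes as a scan, and surfaces any probed PHP path that did not return 404, since that is the case a defender must investigate. The field layout (path, host, status, month-day-year date, 12-hour time) and the burst threshold of 5 are assumptions.

```python
import re
from datetime import datetime

# Log excerpt copied from the page: path, host, status, date, time.
LOG = """\
//x.php www.intel9.us 404 05-21-19 11:56 am
//lx.php www.intel9.us 404 05-21-19 11:56 am
//plus/mybak.php www.intel9.us 404 05-21-19 11:56 am
//data/cache/flye.php www.intel9.us 404 05-21-19 11:56 am
//plus/read.php www.intel9.us 404 05-21-19 11:56 am
//plus/lucas.php www.intel9.us 404 05-21-19 11:55 am
//data/cache/asd.php www.intel9.us 404 05-21-19 11:55 am
//plus/laobiao.php www.intel9.us 404 05-21-19 11:55 am
//fdgq.php www.intel9.us 404 05-21-19 11:55 am
//Config_Shell.php www.intel9.us 404 05-21-19 11:55 am
"""

LINE = re.compile(r"^(\S+) (\S+) (\d{3}) (\d{2}-\d{2}-\d{2} \d{1,2}:\d{2} [ap]m)$")

def parse(log):
    """Yield (path, host, status, timestamp) for each well-formed line."""
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank or malformed lines rather than guessing
        path, host, status, ts = m.groups()
        # Assumption: dates are month-day-year, times are 12-hour with am/pm.
        yield path, host, int(status), datetime.strptime(ts, "%m-%d-%y %I:%M %p")

def summarize(log, burst=5):
    """Summarize PHP probing: a burst of misses is a scan, a hit needs triage."""
    probes = [r for r in parse(log) if r[0].lower().endswith(".php")]
    misses = [r for r in probes if r[2] == 404]
    times = [r[3] for r in probes]
    return {
        "probes": len(probes),
        "distinct_paths": len({r[0] for r in probes}),
        "span_seconds": (max(times) - min(times)).total_seconds() if times else 0.0,
        "scan_suspected": len(misses) >= burst,
        # Any probed path that did not 404 may be a planted or exposed file.
        "needs_triage": [r[0] for r in probes if r[2] != 404],
    }

if __name__ == "__main__":
    print(summarize(LOG))
```

An empty `needs_triage` list matches the post's reading that every attempt failed; a non-empty one names the files to inspect on disk first.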