The Hidden China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking

Hijacking Internet Traffic not covered by the anti-theft 2015 Xi-Obama Agreement

Surprisingly, the voluntary 2015 Xi-Obama agreement stopping military forces from hacking commercial enterprises for economic gain did appear to dramatically reduce Chinese theft efforts against western targets. China’s technological development process, however, was still dependent on massive expropriation of foreign R&D.


This necessitated new ways to get information while still technically adhering to the agreement. Since the agreement only covered military activities, Chinese corporate state champions could be tasked with taking up the slack. But even Chinese multinationals, such as Huawei or ZTE, were already being viewed with suspicion. Instead data suggests the government opted to leverage a seemingly innocuous player – one that is normally viewed as a passive service provider – to target the foundational infrastructure of the internet to bypass the agreement, avoid detection, and provide the necessary access to information.

Enter China Telecom – a large state champion telecommunications company – as an option. While the 2015 agreement prohibited direct attacks on computer networks, it did nothing to prevent the hijacking of the vital internet backbone of western countries.

Conveniently, China Telecom has ten strategically placed, Chinese controlled internet ‘points of presence’ (PoPs) across the internet backbone of North America. Vast rewards can be reaped from the hijacking, diverting, and then copying of information-rich traffic going into or crossing the United States and Canada – often unnoticed and then delivered with only small delays.

This essay will show how this hijacking works, and how China Telecom seems to employ its distributed points of presence (PoPs) in western democracies’ telecommunications systems to selectively redirect internet traffic through China. It will show the observed routing paths, give a summary of how one hijacks parts of the internet by inserting these nodes, and outline the major security implications.

These Chinese PoPs are found all over the world including Europe and Asia. The prevalence of – and demonstrated ease with which – one can simply redirect and copy data by controlling key transit nodes buried in a nation’s infrastructure requires an urgent policy response. To that end, we recommend an ‘Access Reciprocity’ strategy for vulnerable democracies – one that is

We at Adept Technologies recommend that all Cyber Professionals read this paper.

Contact us today toll free 1-888-392-9623 to find out more on how Adept Technologies can save you money by utilizing our services and technology.

It's just a matter of time

We are watching you. From us to you. It's just a matter of time.

ADEPT SECURE ® Reduced Cyberattacks by 96%. By implementing ADEPT SECURE ® on high target Power Company and Government systems they have reported to us a staggering 96% reduction in cyberattacks.

As we get more results, and more attack data, the overwhelming tasks of dealing with numerous cyberattacks have become more manageable with ADEPT SECURE ®.

ADEPT SECURE ® Reduced Cyberattacks by 96%

Cyber Security – ADEPT SECURE ® sets a standard for protecting the data and integrity of computing assets belonging to and connecting to an organization’s network. Its purpose is to defend those assets against all threat actors throughout the entire life cycles of numerous cyberattacks.

Adept’s Secure Security Solution – Data breaches and attacks are an increasing threat to every computerized system, and the organizations running those systems also face the prospect of severe impact on their branding and reputation due to increased negative sentiment driven by media news of successful cyberattacks.

A majority of cyber security experts agree that mitigating reputational risk is crucial to any business and that managing IT Security plays a major role in these efforts, along with the obvious loss of Intellectual property, money, insurance, and other value.

We believe that once the attacking systems realize they are being tracked, blocked, recorded, and watched, they move on to easier targets. It is like parking your car and locking it in a very bad neighborhood at night.

You have billions of bad guys who attempt to open the door, see it's locked, and move on to the next parked car. Then you get the millions that have dealer key sets and try every key to open the lock on the door; none of their keys work because the door lock disappears. Then you get the thousands that attempt to break the car windows; they move on because the whole car disappears.

All the attackers are on security cameras, and photos of them all have been recorded and are shared with other car owners and law enforcement.

As for the bad guys wearing Harry Potter’s Cloak of Invisibility: that is make-believe. You may think your IP address is spoofed, but nothing is truly invisible on the internet.

“As we get more results, and more attack data, the overwhelming tasks of dealing with numerous cyberattacks have become more manageable with ADEPT SECURE ®, and you sleep a lot better” says Nicholas Cordua, Chief Technology Officer of Adept Technologies Inc.

Run for your life! There are stupid hackers everywhere!

Over the last three months the amount of hacking has been insane. However, the amount of hacking data we have received on the bad guys has been amazing. Our cyber security teams have been having a lot of fun and we have learned a lot.

Here is some of what we learned.

Spoofing IP addresses: we have seen a lot of this lately, and most ISPs (Internet Service Providers) are supposed to NOT allow this type of traffic to pass through their systems.

Unfortunately these ISP corporations are allowing this traffic through their systems, since we have caught a lot of it.

Denial of Service attacks are way up. We see hackers get pissed off at not getting what they want, so they have temper tantrums and fire off Denial of Service attacks, which is totally stupid.

Spoof your IP addresses when doing this, you don’t want a swat team showing up at the data center you have a VM (virtualized server) account with a VPN (Virtual Private Network) from your private LAN running stolen CIA hacking tools, attacking us.

It will be wonderful seeing the USA Data center people getting pissed off and coming after you since we filed civil and criminal complaints against them for your illegal actions.

Let’s throw in the law firms. We then file huge amounts of civil legal action against these firms, huge amounts of damages, any law firm eats this up, especially ours. The insurance companies get involved, their law firms get involved and we basically put you or your supporters out of business.

No insurance company will ever insure you again based on the huge amounts of settlements or when we go to trial, because we love to go all the way. It is just over for you or the company allowing you to hack.

Since the Coronavirus has been very bad, especially here in the USA, I don’t ever see a jury feeling sorry for a hacker that took down any SaaS system, or stole data that caused problems when everyone is using these systems to work from home.

If you are outside the USA, that is ok too. We just block your whole country. That’s when you purchase a service here in the USA and attack us that way, which is great because we then have a party here in the USA that allowed you to do this. Lawsuit! We then go after them.

We watch everything, because that is what we do. We are super nerds. One nice thing about all these attacks is the data. We look forward towards more data.

There are patterns in the attacks too. Some just go on forever, especially brute force attacks against FTP and VPN systems, even if you shut off the ports and log the attempts. The logs just capture so much honey. Some of these attacks come from University systems (University of Utah 128.110.154.3 and Wisconsin 128.105.145.159). Is everyone out there a hacker these days? I guess they are, but stupid in more ways than one.

Be safe out there. Sad seeing all of this. We as humans are supposed to be better than this; we must all be held to a higher standard. If not, well, when you get caught, and you will if you are a hacker, it will not be good for you. Can’t we all just get along? If you're a hacker, stop it!

Honey Pot Caught List

We have offered on-premise systems for 19 years and SaaS systems for over 12 years, and cyber security has always been a major part of our core systems.

One fun part of this non-stop battle is honey pots. We have numerous honey pots set up to suck in the bad guys and their attacks and let them eat up the poison honey we give them.

We work with numerous law enforcement agencies, especially the FBI and DHS, who enjoy the constant stream of bad guy sources and the contact information behind their attacks against our systems.

Going forward we will be sharing the top attack information with the public, since we feel it is important for everyone to have the IP addresses of these attackers.

Here is the list of the very bad that got caught in one of our honey pots on 06/02/2020.

————————————————-

Here is a very good link to examine the IP addresses that are attacking your systems: https://scamalytics.com/ip

Update: (6/13/2020) it appears that many bad guys are using US Based Server Farms that allow for remote access outside the USA to attack.

Denial of Service Attacks are originating from these locations. (Http Port 80 and Https 443)

FTP attacks (Port 21 and 22)

IP Spoofing UDP
169.254.30.0 – 169.254.30.255 (169.254.30.99)
———————————————

Update 6/18/2020 – China attacking today good attacks!

FTP(s) attacks (Port 21 and 22) Brute Force
1) 119.188.242.0 – 119.188.242.255 (119.188.242.128)
2) 58.217.230.0 – 58.217.230.255 (58.217.230.27)

HTTP(s) attacks (Port 80 and 443) Troll, Brute Force and SQL Injection
1) 203.171.235.0 – 203.171.235.255 (203.171.235.212)
2) 86.14.80.0 – 86.14.80.255 (86.14.80.176)
