cross-posted from: https://lemmy.sdf.org/post/50660067
[...]
Rehearsing attacks on critical infrastructure offers China a potential advantage by allowing cyber operations to be planned and practiced in advance rather than improvised in real time.
[...]
The existence of such a platform, focused on offensive rather than defensive operations, raises questions about repeated claims by Chinese officials that their government does not conduct cyberattacks.
[...]
The platform was developed by a company called CyberPeace (赛宁网安), which celebrates extensive links to the country’s government and military on its website. CyberPeace did not respond to a request for comment, sent in both English and Chinese, when contacted about this article.
The documents do not identify which state authority commissioned the company to build Expedition Cloud. There are numerous independent agencies — from units of the People’s Liberation Army (PLA) to regional bureaus of the Ministries of Public Security and State Security — who could have been initially responsible, said several independent experts consulted by Recorded Future News. The experts also suggested that CyberPeace could have sold the platform to multiple customers.
The specialist researchers told Recorded Future News they regarded the find as extraordinary, and said there was no possible alternative to the Chinese state’s involvement. “This was created to meet the needs of a state customer. We don’t see the purchase order, but we see what they built,” said Dakota Cary, a specialist on China for cybersecurity company SentinelOne.
[...]
Mei Danowski, a cyberthreat intelligence professional and the co-founder of Natto Thoughts, described the documents as “really valuable,” noting they provided an unprecedented amount of detail about China’s use of cyber ranges.
“The Chinese Communist Party wants to be seen as promoting peace and not as an aggressor,” added Cary. “Their public statements reflect that. Their observable actions do not.”
[...]