Chinese hackers targeted the Alaska state government during negotiations over a major natural gas pipeline project in the Arctic state, according to cybersecurity experts.
“We believe these reconnaissance activities were not coincidental as they align broadly with China’s strategic and economic interests,” said the new report from Recorded Future, a private intelligence company focused on “real-time” threat insights.
Alaska Gov. Bill Walker, an independent seeking reelection through the Democratic Party primary, led a trade delegation to China in May. The trip was part of a longer-term effort to build a pipeline that would connect one of the world’s largest natural gas reserves to the Chinese market. Recorded Future researchers, after uncovering a backdoor into Linux operating system that was used to connect to Tsinghua University — an elite tech university affiliated with government programs to make it “easier for China to steal intellectual property,” the report noted.
Tsinghua officials appear to have sought “to ascertain vulnerabilities and gain illegitimate access” in the days prior to Walker’s May 20 arrival in the country, and then again after his departure.
“The spike in scanning activity at the conclusion of trade discussions on related topics indicates that the activity was likely an attempt to gain insight into the Alaskan perspective on the trip and strategic advantage in the post-visit negotiations,” Recorded Future assessed.
Walker is trying to finalize a deal to have China finance a $43.4 billion pipeline project that could provide access to Alaska’s North Slope, which could hold more than 200 trillion cubic feet of natural gas.
“This, to me, is the next economic driver for the state,” Alaska Gasline Development Corporation president Keith Meyer, who is managing the state’s efforts to access the reserves, told E&E News in April. “It sits right in the neighborhood of the largest LNG market on the planet — in the Asia-Pacific. And the only thing that separates those two things is 807 miles of pipeline and an LNG plant.”
If the report is correct, China is taking some of the surveillance tools developed for monitoring the repressed Tibetan minority and repurposing it to target American interlocutors. The Linux backdoor was used to scan an Anchorage-based telecommunications company, a broadband company, the Alaska Power & Telephone Company, the state government, and the state’s department of natural resources.
“Recorded Future discovered the presence of the ‘ext4’ backdoor during our ongoing research into the targeting of the Tibetan community,” according to the report.
