Hong Kong Hacking
I expect China's biggest fear is 100,000 highly motivated HK hackers.
Given how centralised China's systems such as payment are they are very vulnerable especially as GCHQ have highlighted poor security.
Hack computers to steal someone's identity in China? Why? You can just buy one from a bumpkin for, like, $3k
Black Hat founder Jeff Moss opened this year's shindig in Las Vegas with tales of quite how odd the hacking culture in China is. You see, Moss also founded the DEF CON conference series, and has started running DEF CON events for nerds in China – which makes sense given the sizable reservoir of infosec and computer science …
-
-
Thursday 8th August 2019 12:02 GMT jmch
Re: Doesn't scale
"Why not pay a civil servant in the local office to generate 1000 new blank ids for you ?"
It would probably flag up as dodgy if large numbers of adults suddenly appeared in the system. I wouldn't be surprised if some enterprising civil servant hadn't already started creating fake children 20+ years ago to be available to sell later on. After all the 'fake children' or 'recycling IDs of people who died as children' fake ID generation methods are decades, perhaps even centuries old
-
Wednesday 7th August 2019 22:18 GMT Anonymous Coward
There’s no point in hacking systems to steal strangers' identities to use for nefarious purposes
"For a start, identity theft [in China] is virtually unknown, Moss said. There’s no point in hacking systems to steal strangers' identities to use for nefarious purposes, because it’s easy to obtain a legitimate identity direct from someone, and assume their persona."
So, hackers in China will pay $3000.00 for a persons identity, but in the US, companies that give users identities away in a data breach argue that victims have not suffered any damage or monetary loss.
The Lobby is strong in the Land of The Free.
(Free as in free credit monitoring)
-
Thursday 8th August 2019 00:42 GMT ThatOne
Re: There’s no point in hacking systems to steal strangers' identities to use for nefarious purposes
Equifax victims should really take those $3000 as a base value for their identity (potentially worth more depending on curriculum)...
Why should your identity be worth less than that of some Chinese farmer?
-
-
-
Thursday 8th August 2019 12:17 GMT jmch
Re: What about the photo?
"I always thought that *they* could tell each other apart"
China is a HUUUGE country and the western idea of 'typical Chinese' is based on the southeast coast / Hong Kong / Taiwan type of Chinese person - relatively short, rounded features. Chinese people from the hinterland, North and west tend to have a lot of variations in height, build, facial structure etc.
Even with that in mind, out of 1.4 billion people, for a typical Chinese person there's probably still tens of thousands of other people who look alike enough to pass a casual passport photo inspection.
-
-
Thursday 8th August 2019 04:32 GMT T. F. M. Reader
$3K per ID
Seems expensive compared to stealing IDs in bulk using computers. I suspect it may rather stem from innocent Chinese farmers' IDs not being on any computers in the first place, so phishing the farmers is not an option. On the other hand, going after the IDs of people who are online is extra risky because of intensive government monitoring - one prefers a valid ID of a rural nobody who is of no interest to the authorities.
Pure conjecture on my part, of course.
-
Thursday 8th August 2019 10:57 GMT Mage
Re: $3K per ID
Ah, but you have FULL details.
I wonder how much my IDs of previous countries of residence are worth? After what's in a name. Most are common, even with same DOB. As people in NY discover who are taken to court for OTHER PEOPLE'S driving offences! Stupid NY cops only use name + DOB, not any unique qualifiers.
-
-
Thursday 8th August 2019 12:23 GMT jmch
Re: $3K per ID
"even in the UK they won't let on your way if they can't verify who you are"
Not true. I've been, *ahem*, lectured by cops in UK for, let's call them low-level misdemeanors. No ID was ever asked for, just a stern talking to and sent on my way. In my country of birth (where government-issue IDs are 'de riguer'), similair situations also resulted in a stern talking to and being sent on my way, but the cops DID ask for ID.
-
-
-
-
Thursday 8th August 2019 15:39 GMT Anonymous Coward
When I was a lad, it was illegal for an English policeman to ask you who you were or what you were doing, unless he first told you of some plausible reason he had for asking (a nearby burglary, for example. Back in the day when they used to investigate them).
It was also illegal for soldiers to carry loaded weapons on the street, and I've seen police arrest soldiers for that offence.
I've no idea whether either of those laws still apply :(
Biting the hand that feeds IT
