Advanced Steganography Provisioned by Chinese Front Companies for APT Operations

A recent intelligence analysis has uncovered the role of two Chinese technology firms, BIETA (Beijing Institute of Electronics Technology and Application) and its subsidiary CIII (Beijing Sanxin Times Technology Co., Ltd.), in supporting advanced cyber operations linked to China’s Ministry of State Security (MSS).

According to research by the Telsy Threat Intelligence & Response team, both companies act as front organizations supplying the MSS and other intelligence units with advanced steganography-based capabilities used in cyber espionage and covert data operations.

BIETA operates near the MSS headquarters in Beijing, within the vicinity of the First Research Institute, often referred to as China’s “National Cybersecurity Team.”

This institute developed the Skynet surveillance system in collaboration with the Xinjiang Public Security Department.

Several BIETA executives have held official or advisory roles in state institutions. Former company head You Xingang previously worked at the MSS First Research Institute.

At the same time, another long-term employee, Zhou Linna, serves as a professor at the University of International Relations (UIR), an MSS-affiliated university that trains intelligence personnel.

CIII describes itself as a “people-owned enterprise” that provides services including satellite maintenance for BeiDou navigation systems, cyber simulation, penetration testing, and military infrastructure modeling.

It has reportedly received recognition from the China Information Technology Security Evaluation Center, the body responsible for supervising the Chinese National Vulnerability Database (CNNVD) and managing advanced persistent threat (APT) tracking.

Steganography and Intelligence Technology Development

Both BIETA and CIII are believed to design and sell forensic and counterintelligence tools with embedded steganographic capabilities.

CIII has also registered software copyrights for systems dedicated to analyzing hidden data in multimedia files, including a 2017 patent for a forensic differentiation method for JPEG images based on feature optimization.

Research trends further reveal BIETA’s deep involvement in this area. Of 87 known BIETA academic publications from 1991 to 2023, about 46 percent focus on steganography.

The company has received funding from the National Natural Science Foundation of China, the 973 Program, and the 863 Program to continue R&D on concealed communication technologies.

Efforts have even extended to the use of AI-driven methods, such as Generative Adversarial Networks (GANs), to enhance steganographic concealment and evasion of detection.

Steganography has long been a tool in global APT operations. Groups such as Russia’s APT29, North Korea’s Lazarus, and China’s APT1 have used image- and audio-based steganography to smuggle data and payloads.

More recently, Chinese groups such as Leviathan, Mirage, Pirate Panda, and Witchetty have hidden malware in JPEG and BMP files for stealthy communication.

The Telsy report highlights that BIETA and CIII’s combined research and government alignment represent China’s evolving ecosystem of state-sponsored technology innovation, intertwining academic research, state institutions, and private enterprises to advance cyber espionage capabilities.

Find this Story Interesting! Follow us on Google News , LinkedIn and X to Get More Instant Updates

The post Advanced Steganography Provisioned by Chinese Front Companies for APT Operations appeared first on Cyber Security News.