Extensive cyber espionage campaign traced back to China: Report
- 07:56 PM, Jun 19, 2023
- Myind Staff
According to a report by Mandiant, a subsidiary of Google, a widespread cyber espionage campaign has been identified, with the attackers showing direct connections to China. The campaign specifically targets government agencies that are of interest to Beijing.
"This is the broadest cyber espionage campaign known to be conducted by a China-nexus threat actor since the mass exploitation of Microsoft Exchange in early 2021," said Mandiant chief technology officer Charles Carmakal.
The cyber attackers compromised the computer defenses of hundreds of organizations, in some cases stealing "emails of prominent employees dealing in matters of interest to the Chinese government," Carmakal added.
Mandiant reported having "high confidence" that a group referred to as UNC4841 was behind a wide-ranging espionage campaign "in support of the People's Republic of China."
The hackers targeted victims in at least 16 different countries, striking organizations in the public and private sectors worldwide, the report said.
According to the report, “The targeting focused on issues of high policy importance to the Chinese government, particularly in the Asia-Pacific region and Taiwan.” Victims included foreign ministries as well as research organizations and foreign trade missions based in Hong Kong and Taiwan, Mandiant said in its findings.
"Cyber attacks involved email messages booby-trapped with malicious code, and exploited a vulnerability in Barracuda software for screening such missives to make sure they are safe," the report stated.
The cyber espionage activity was detected in May and is believed to have started as early as October of last year.
"We continue to see evidence of ongoing malware activity" on some systems that were compromised, Barracuda Networks told AFP.
"The 2021 hack of Microsoft Exchange, which security researchers attributed to a Beijing-backed hacker group, affected at least 30,000 organizations in the United States including businesses and local governments."
In an apparently unrelated cyber attack, CNN reported that several US federal agencies had been caught in a Russian group's hack of the commonly used MOVEit software.
When asked for comment by AFP, the White House pointed to an alert issued last week by the FBI and CISA, the federal government's lead cyber security agency, with information on how to mitigate the threat.