Vast cyber espionage campaign linked to China: report
'%3e%3cpath%20d='M20.7725%2026.9924C20.9555%2026.9924%2021.1297%2026.953%2021.2951%2026.8741C21.4604%2026.7953%2021.6346%2026.6694%2021.8177%2026.4965L27.8373%2020.8125C27.9848%2020.6752%2028.0865%2020.5353%2028.1425%2020.3929C28.1985%2020.2505%2028.2264%2020.1183%2028.2264%2019.9962C28.2264%2019.869%2028.1985%2019.7343%2028.1425%2019.5918C28.0865%2019.4494%2027.9848%2019.3095%2027.8373%2019.1722L21.8177%2013.5417C21.6142%2013.3484%2021.4375%2013.2098%2021.2875%2013.1259C21.1374%2013.042%2020.9708%2013%2020.7877%2013C20.5181%2013%2020.2981%2013.0916%2020.1278%2013.2747C19.9574%2013.4578%2019.8722%2013.6765%2019.8722%2013.9308V16.8147H19.6509C18.2827%2016.8147%2017.1014%2017.0258%2016.107%2017.448C15.1127%2017.8701%2014.2963%2018.4805%2013.658%2019.279C13.0197%2020.0776%2012.5466%2021.0402%2012.2389%2022.1668C11.9312%2023.2934%2011.7773%2024.5612%2011.7773%2025.9701C11.7773%2026.3006%2011.8575%2026.5537%2012.0177%2026.7291C12.1779%2026.9047%2012.3597%2026.9924%2012.5632%2026.9924C12.7259%2026.9924%2012.89%2026.9593%2013.0553%2026.8932C13.2206%2026.8271%2013.3693%2026.6719%2013.5016%2026.4278C13.9441%2025.5936%2014.4553%2024.9413%2015.0351%2024.4708C15.6149%2024.0004%2016.2838%2023.6685%2017.0417%2023.4752C17.7995%2023.2819%2018.6693%2023.1853%2019.6509%2023.1853H19.8722V26.0998C19.8722%2026.3591%2019.9574%2026.5728%2020.1278%2026.7406C20.2981%2026.9085%2020.513%2026.9924%2020.7725%2026.9924Z'%20fill='black'%20fill-opacity='0.85'/%3e%3c/g%3e%3crect%20x='0.5'%20y='0.5'%20width='39'%20height='39'%20rx='19.5'%20stroke='%23F2F2F2'/%3e%3cdefs%3e%3cclipPath%20id='clip0_715_28555'%3e%3crect%20width='16.4491'%20height='14'%20fill='white'%20transform='translate(11.7773%2013)'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
ONLINE attackers with clear links to China are behind a vast cyber espionage campaign targeting government agencies of interest to Beijing, Google subsidiary Mandiant said on Thursday.
“This is the broadest cyber espionage campaign known to be conducted by a China-nexus threat actor since the mass exploitation of Microsoft Exchange in early 2021,” said Mandiant chief technology officer Charles Carmakal.
The cyber attackers compromised computer defences of hundreds of organisations, in some cases stealing “emails of prominent employees dealing in matters of interest to the Chinese government,” Carmakal added.
Mandiant reported having “high confidence” that a group referred to as UNC4841 was behind a wide-ranging espionage campaign “in support of the People’s Republic of China.”
The hackers targeted victims in at least 16 different countries, striking organisations in the public and private sectors worldwide, the report said.
The targeting focused on issues of high policy importance to the Chinese government, particularly in the Asia-Pacific region and Taiwan, according to the report.
GET BT IN YOUR INBOX DAILY
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
Victims included foreign ministries as well as research organisations and foreign trade missions based in Hong Kong and Taiwan, Mandiant said in its findings.
Cyber attacks involved email messages booby-trapped with malicious code, and exploited a vulnerability in Barracuda software for screening such missives to make sure they are safe, according to the report.
The cyber espionage activity was detected in May, and is believed to have started as early as October of last year.
“We continue to see evidence of ongoing malware activity” on some systems that were compromised, Barracuda told AFP.
The 2021 hack of Microsoft Exchange, attributed by security researchers to a Beijing-backed hacker group, affected at least 30,000 organisations in the US including businesses and local governments.
Several US federal agencies were fighting off a seemingly unrelated cyber attack on Thursday, according to CNN. AFP
KEYWORDS IN THIS ARTICLE
'/%3e%3cpath%20d='M35.1847%2014.0422L9.37867%2024.1703C8.88772%2024.363%208.86989%2025.051%209.35015%2025.2688L15.0551%2027.8567C15.2097%2027.9269%2015.327%2028.0594%2015.3778%2028.2212L17.8255%2036.0078C17.9491%2036.4009%2018.4247%2036.5534%2018.7539%2036.3054L23.0143%2033.0968C23.2178%2032.9435%2023.4961%2032.9364%2023.7072%2033.0787L30.8526%2037.8975C31.2091%2038.1378%2031.6951%2037.9339%2031.7732%2037.5114L35.9896%2014.7059C36.0747%2014.2456%2035.6206%2013.8712%2035.1847%2014.0422Z'%20fill='%23FDFEFF'/%3e%3cpath%20d='M15.3125%2027.9998L30.4162%2018.627L19.3691%2029.3628L19.548%2033.3966L18.9531%2036.1248C18.3783%2036.7236%2017.9297%2036.2772%2017.8477%2036.0662L15.3681%2028.178L15.2734%2028.0233L15.3125%2027.9998Z'%20fill='%23C8DAEA'/%3e%3cpath%20d='M18.3594%2036.4259L19.3511%2029.3447L23.519%2032.9856C23.303%2032.9612%2023.1588%2032.9863%2023.0268%2033.0859L19.0712%2036.0718C18.6289%2036.4572%2018.4297%2036.4455%2018.3594%2036.4259Z'%20fill='%23A9C9DD'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear'%20x1='33'%20y1='7.5'%20x2='19'%20y2='36.5'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%231E96C8'/%3e%3cstop%20offset='1'%20stop-color='%2337AEE2'%20stop-opacity='0'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e)
BT is now on Telegram!
For daily updates on weekdays and specially selected content for the weekend. Subscribe to t.me/BizTimes
International
Deflation reaches UK stores as non-food prices fall 0.6%
Japan’s March factory output rises 3.8% vs month earlier
Hong Kong vies with US in Bitcoin ETF market after crypto’s revival
More UK companies plan price rises but wage expectations cool: Lloyds
Campaigning EU chief von der Leyen defends record during debate
Israel concerned over possible ICC arrest warrants related to Gaza war
