A Rise in New Cyberspying by a Suspected Chinese Group Detected by a U.S. Cybersecurity Firm
A U.S. cybersecurity firm recently observed a surge in new cyberspying by a suspected Chinese group, dating back to late January.
FireEye Inc. (FEYE.O), a publicly traded cybersecurity company, said in a report that it had detected a spike in activity from a hacking group it calls “APT41” that began on Jan. 20, around the time the COVID-19 pandemic began to spread outside China's borders, and targeted more than 75 of its customers, from manufacturers and media companies to medicinal and healthcare services associations and non-profits.
The report stated that it was “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.”
In its report, FireEye said that APT41 exploited recently disclosed flaws in software made by Cisco (CSCO.O), Citrix (CTXS.O) and others to attempt to break into scores of companies’ networks in the US, Canada, Britain, Mexico, Saudi Arabia, Singapore and more than a dozen other nations.
FireEye declined to identify the affected customers. The Chinese Foreign Ministry didn’t directly address FireEye’s charges but said in a statement that China was “a victim of cybercrime and cyberattack.”
Matt Webster, an analyst with Secureworks, Dell Technologies’ (DELL.N) cybersecurity arm, said in an email that his group had likewise observed evidence of increased activity from Chinese hacking groups over the last few weeks.
Specifically, he said his group had recently spotted new digital infrastructure related to APT41 – which Secureworks calls “Bronze Atlas.”
Attributing hacking campaigns to a particular nation or entity is mostly fraught with uncertainty, but FireEye said it had assessed “with moderate confidence” that APT41 was made up of Chinese government contractors.
John Hultquist, FireEye’s head of analysis, said the surge was astounding because hacking activity attributed to China has generally become increasingly focused, and added that “This broad action is a departure from that norm.”