Chinese digital spying is becoming more aggressive, researchers say:
FireEye, a US cybersecurity firm, says that it has seen a concerning spike in activity from what appears to be a Chinese hacking group called APT41. The attacks are being deployed against companies in the US, Canada, the UK and several other countries, which is atypical of Chinese hackers' typical strategy of focusing on a few particular targets. According to FireEye's report, the group is exploiting software flaws in applications and hardware developed by Cisco, Citrix and others to gain access to target companies' networks and download files via FTP, among other strategies. According to the firm, the attacks began on January 20th, dipped during the Chinese New Year celebrations and COVID-19 quarantine measures and are now back at full scale, affecting 75 of FireEye's customers.
[...] Chinese government contractors carrying out cyber attacks is nothing new, but the scope of these current initiatives is concerning. Companies in about 20 countries are being targeted, and APT41 is carrying out subsequent attacks frequently: "This activity is one of the most widespread campaigns we have seen from China-nexus espionage actors in recent years," says FireEye. "This new activity from this group shows how resourceful and how quickly they can leverage newly disclosed vulnerabilities to their advantage." Whether the attackers are purposely taking advantage of a reduced cybersecurity workforce during the coronavirus pandemic or the timing is just a coincidence remains to be determined.
(Score: 2) by corey on Friday March 27 2020, @09:30PM
This story is about cyber espionage, not individual spying.
The parent is making the flawed argument that this is OK because the Five Eyes do it. But we're talking about espionage.
China is doing their normal thing: hack in, steal IP, then copy-paste.
I don't see why Trump doesn't put up a big firewall. Allow Chinese incoming TCP connections to major website IPs and cloud providers but block all else. I guess they'll jump onto proxies then...