Chinese digital spying is becoming more aggressive, researchers say:
FireEye, a US cybersecurity firm, says that it has seen a concerning spike in activity from what appears to be a Chinese hacking group called APT41. The attacks are being deployed against companies in the US, Canada, the UK and several other counties, which is atypical of Chinese hackers' typical strategy of focusing on a few particular targets. According to FireEye's report, the group is exploiting software flaws in applications and hardware developed by Cisco, Citrix and others to gain access to target companies' networks and download files via FTP, among other strategies. According to the firm, the attacks began on January 20th, dipped during the Chinese New Year celebrations and COVID-19 quarantine measures and are now back at full scale, affecting 75 of FireEye's customers.
[...] Chinese government contractors carrying out cyber attacks is nothing new, but the scope of these current initiatives is concerning. Companies in about 20 countries are being targeted, and APT41 is carrying out subsequent attacks frequently: "This activity is one of the most widespread campaigns we have seen from China-nexus espionage actors in recent years," says FireEye. "This new activity from this group shows how resourceful and how quickly they can leverage newly disclosed vulnerabilities to their advantage." Whether the attackers are purposely taking advantage of a reduced cybersecurity workforce during the coronavirus pandemic or the timing is just a coincidence remains to be determined.
Related Stories
The Biden administration on Tuesday warned the nation's governors that drinking water and wastewater utilities in their states are facing "disabling cyberattacks" by hostile foreign nations that are targeting mission-critical plant operations.
"Disabling cyberattacks are striking water and wastewater systems throughout the United States," Jake Sullivan, assistant to the president for National Security Affairs, and Michael S. Regan, administrator of the Environmental Protection Agency, wrote in a letter. "These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities."
[...] The letter extended an invitation for secretaries of each state's governor to attend a meeting to discuss better securing the water sector's critical infrastructure. It also announced that the EPA is forming a Water Sector Cybersecurity Task Force to identify vulnerabilities in water systems. The virtual meeting will take place on Thursday.
"EPA and NSC take these threats very seriously and will continue to partner with state environmental, health, and homeland security leaders to address the pervasive and challenging risk of cyberattacks on water systems," Regan said in a separate statement.
(Score: 0) by Anonymous Coward on Friday March 27 2020, @06:30AM
China would never do that, they are not only law abiding, but with the highest respect for everyone.
/s (just in case your s-meter is broken)
(Score: 5, Interesting) by Runaway1956 on Friday March 27 2020, @06:47AM (4 children)
Of course, we, the Five Eyes and company, don't spy on anyone. We're a bunch of innocent children, and it's just those evil Chinese spying on people. And, oh yeah, Russians!! Don't forget the Russians!
“I have become friends with many school shooters” - Tampon Tim Walz
(Score: 0) by Anonymous Coward on Friday March 27 2020, @11:21AM
But what about Hillary!!!!
You're right, we should probably just ignore this. Maybe even open a few ports while we're at it, just to even things up.
(Score: 0) by Anonymous Coward on Friday March 27 2020, @04:34PM (2 children)
My doctor has access to my health records, so why should the police be restricted? My credit card company has access to my purchase history on a card, so does that mean that Target should have free access?
The answer is because different people have different forms and levels of trust. Just because one group is doing something doesn't mean another should be able to.
I agree that the US (and other Five Eyes) are flawed. I'll still take them over "suppress the Uyghurs" "suppress the freedoms of Hong Kong" and literally countless other problems of mainland China.
Or are you really saying you're okay with China and Russia trying to spy on the world, and you in particular?
(Score: 2) by corey on Friday March 27 2020, @09:30PM
This story is about cyber espionage, not individual spying.
The parent is making the flawed argument that this is ok because the five eyes do it. But we're talking about espionage.
China is doing their normal thing, hack in, steal IP then copy paste.
I don't see why Trump doesn't put up a big firewall. Allow Chinese incoming TCP connections to major website IPs and cloud providers but block all else. I guess they'll jump onto proxies then..
(Score: 2) by Gaaark on Friday March 27 2020, @10:39PM
"I'll still take them over "suppress the Uyghurs" "suppress the freedoms of Hong Kong" and literally countless other problems of mainland China."
Yeah...much better than the 'invade because WMD' that mysteriously disappear after fait accompli people, or the Guantanamo Bay fappening people, or the 'use 9/11 event to take away rights and privacy', people.
Yeah. Soooooooooo much better.
Yeah.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 3, Insightful) by Mojibake Tengu on Friday March 27 2020, @08:19AM
Nice freudian slip, those counties...
Rust programming language offends both my Intelligence and my Spirit.