
China Suspected In Surge Of US Cyberattacks


U.S. cybersecurity firm FireEye said it suspects China is behind a surge in cyberspying that began in January, just when the coronavirus was starting to seriously spread outside of China, according to a report by Reuters.

The firm wrote a report that said it suspected the activity was coming from a hacking group called “APT41.” The attacks began on Jan. 20 and were aimed at more than 75 of FireEye’s customers, which include media firms, healthcare organizations, manufacturers and nonprofits.

As for why the attacks were happening, there were “multiple possible explanations,” according to FireEye Security Architect Christopher Glyer. He cited the ongoing trade war between the U.S. and China, and more recent conflicts over the coronavirus outbreak.

The report said the attack was “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years,” although the firm would not identify particular customers.

Without directly responding to FireEye’s suspicions, the Chinese Foreign Ministry said China itself was “a victim of cybercrime and cyber attack.”

In its report, FireEye said APT41 took advantage of flaws in software from Cisco, Citrix and others, and attempted to breach companies in the United States, Canada, Britain, Mexico, Saudi Arabia, Singapore and many other countries.

Both Citrix and Cisco said they were working to close such vulnerabilities.

A researcher with Dell Technologies’ cybersecurity division, Matt Webster, said his team had also witnessed an uptick of attacks from Chinese hacking groups “over the last few weeks.”

He said he had especially noticed attacks from APT41, also known as Bronze Atlas. FireEye said it had “moderate confidence” that the group APT41 was made up of contractors from the Chinese government.

John Hultquist, the head of analysis at FireEye, said the surge in activity was especially surprising because China is usually much more focused in its hacking activity, saying, “This broad action is a departure from the norm.”
