
China Suspected In Surge Of US Cyberattacks


U.S. cybersecurity firm FireEye said it suspects China is behind a surge in cyberspying that began in January, just when the coronavirus was starting to seriously spread outside of China, according to a report by Reuters.

In its report, the firm said it suspected the activity was coming from a hacking group called “APT41.” The attacks began on Jan. 20 and were aimed at more than 75 of FireEye’s customers, which include media firms, healthcare organizations, manufacturers and nonprofits.

As for why the attacks were happening, there were “multiple possible explanations,” according to FireEye Security Architect Christopher Glyer. He cited the ongoing trade war between the U.S. and China, and more recent conflicts over the coronavirus outbreak.

The report said the attack was “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years,” although the firm would not identify particular customers.

Without directly responding to FireEye’s suspicions, the Chinese Foreign Ministry said China itself was “a victim of cybercrime and cyber attack.”

In its report, FireEye said APT41 took advantage of flaws in software from Cisco, Citrix and others, and attempted to breach companies in the United States, Canada, Britain, Mexico, Saudi Arabia, Singapore and many other countries.

Both Citrix and Cisco said they were working to close such vulnerabilities.

A researcher with Dell Technologies’ cybersecurity division, Matt Webster, said his team had also witnessed an uptick of attacks from Chinese hacking groups “over the last few weeks.”

He said he had especially noticed attacks from APT41, also known as Bronze Atlas. FireEye said it had “moderate confidence” that the group APT41 was made up of contractors from the Chinese government.

John Hultquist, the head of analysis at FireEye, said the surge in activity was especially surprising because China is usually much more focused in its hacking activity, saying, “This broad action is a departure from the norm.”
