‘Serious’ hacking attacks from China targeting UK organizations
UK organizations have been made aware of “serious” cyber attacks originating in China that try to steal trade secrets.
The gang behind the attacks has compromised technology service organizations and plans to use them as a proxy for attacks, security organizations have stated.
The group, dubbed APT10, is using custom-made malware and spear phishing to reach target companies.
The National Cyber Security Centre and cyber units at PwC and BAE Systems worked together to identify the group.
“Operating alone, none of us might have joined the dots to discover this new campaign of roundabout attacks,” said Rich Horne, cyber security partner at PwC.
A detailed report drawn up by the three organizations reveals that the group has been active since 2014 but ramped up its attacks in late 2016. In particular, said the report, it targeted organizations that operated key IT functions on behalf of large UK companies.
PwC and BAE said the group had mounted many different attacks as part of a campaign they called Operation Cloud Hopper.
By focusing on the suppliers of IT outsourcing, the attackers were able to secretly gain access to the sites and systems of their true targets.
Dr. Adrian Nish, head of risk intelligence at BAE, said the attackers used these third parties as a “stepping stone” to gain access to the companies and firms they were really interested in.
Infiltrating supply chains gave the attackers a fairly easy way into various targets.
“Organizations large and small count on these providers for management of core systems and as such they can have deep usage of sensitive data,” he said.
“It is impossible to say how many organizations might be affected altogether at this point.”
The security firms involved in exposing the APT10 campaign say they have seen organizations in the UK, Europe, and Japan being targeted by the group.
The National Cyber Security Centre and the two security organizations have warned known victims that they have been compromised.
Spear phishing emails booby-trapped with custom-made malware were sent to key staff in IT services organizations in the first stage of an attack. Once the cyber criminals had gained access, they sought out intellectual property and other sensitive data.
The hacking group managed a huge network of sites and domains online to serve their various attacks and as a channel for data they stole, said Dr. Nish.
A forensic examination of the times when the attackers were most active, as well as the tools and techniques they used, led PwC and BAE to conclude that the group was based in China.
They have not established who is behind the APT10 group or how it selects its targets.