The Chinese groups accused of hacking the US and others
[July 21, 2023]
(Reuters) - Chinese hacking teams have been blamed by
Western intelligence agencies and cybersecurity groups for digital
intrusion campaigns across the world, targeting everything from
government and military organizations to corporations and media groups.
Cybersecurity firms believe many of those groups are backed by China's
government.
China's authorities have consistently denied any form of state-sponsored
hacking, saying China itself is a frequent target of cyberattacks.
Beijing has called the U.S. "the empire of hacking."
Some of the Chinese hacking teams recently identified are:
STORM-0558
Chinese hackers have since May secretly accessed email accounts at
around 25 organizations, including U.S. government agencies, Microsoft
and U.S. officials have said.
These include the accounts of U.S. Commerce Secretary Gina Raimondo and,
according to a Wall Street Journal report on Thursday, U.S. envoy to
China Nicholas Burns and Daniel Kritenbrink, the assistant secretary of
state for East Asia.
Microsoft said a China-based actor, which it nicknamed Storm-0558,
misappropriated one of its digital keys and used a flaw in its code to
steal emails.
China's embassy in Washington said in a statement that identifying the
source of cyber attacks was complex and warned against "groundless
speculations and allegations."
'VOLT TYPHOON'
Western intelligence agencies and Microsoft said on May 24 that Volt
Typhoon, a group they described as state-sponsored, had been spying on a
range of U.S. critical infrastructure organizations, from
telecommunications to transportation hubs.
They described the attacks in 2023 as one of the largest known Chinese
cyber-espionage campaigns against American critical infrastructure.
China's foreign ministry rejected the claims.
'BACKDOORDIPLOMACY'
A Reuters report in May identified BackdoorDiplomacy as being behind a
widespread series of digital intrusions over several years against key
Kenyan ministries and state institutions. The Chinese authorities said
they were not aware of such hacking and described the accusations as
baseless.
[Photo: A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File photo]
Palo Alto Networks, a U.S. cybersecurity firm, said its research
showed BackdoorDiplomacy had links to the Chinese state and was part
of the APT15 hacking group.
APT 41
Chinese hacking team APT 41, which is also known as Winnti, Double
Dragon and Amoeba, has conducted a mix of government-backed cyber
intrusions and financially motivated data breaches, according to
U.S.-based cybersecurity firms FireEye and Mandiant.
The U.S. Secret Service said the team had stolen U.S. COVID-19 relief
benefits worth tens of millions of dollars between 2020 and 2022.
Taiwan-based cybersecurity firm TeamT5 said the group had targeted
government, telecoms and media victims in Japan, Taiwan, South
Korea, the United States and Hong Kong.
APT 41 was named by the U.S. Department of Justice in September 2020 in
relation to charges brought against seven hackers for allegedly
compromising more than 100 companies around the world.
The Chinese authorities have described such reports as "groundless
accusations."
APT 27
Western intelligence agencies and cybersecurity researchers say
Chinese hacking team APT 27 is sponsored by the state and has
launched multiple attacks on Western and Taiwanese government
agencies.
APT 27 claimed responsibility for cyberattacks against Taiwan in
2022 during a visit by then-U.S. House of Representatives Speaker
Nancy Pelosi, saying it acted as a protest because Pelosi defied
China's warnings not to visit.
Cybersecurity firm Mandiant said last year the group compromised the
computer networks of at least six U.S. state governments between May
2021 and February 2022, while the German authorities blamed it
for attacks against German pharmaceutical, technology and other
companies.
(Compiled by Fanny Potkin and John Geddie; Editing by Jamie Freed)