US Cyber-Security Experts See Recent Spike in Chinese Digital Espionage

There were "multiple possible explanations" for the spike in activity, said FireEye Security Architect Christopher Glyer.

Advertisement
By Reuters | Updated: 26 March 2020 12:46 IST
Highlights
  • Surge in new cyberspying by a suspected Chinese group has been detected
  • FireEye said it had spotted a spike in activity from a hacking group
  • FireEye declined to identify the affected customers

A US cyber-security firm said Wednesday it has detected a surge in new cyberspying by a suspected Chinese group dating back to late January, when coronavirus was starting to spread outside China.

FireEye said in a report it had spotted a spike in activity from a hacking group it dubs "APT41" that began on January 20 and targeted more than 75 of its customers, from manufacturers and media companies to healthcare organisations and nonprofits.

Advertisement

There were "multiple possible explanations" for the spike in activity, said FireEye Security Architect Christopher Glyer, pointing to long-simmering tensions between Washington and Beijing over trade and more recent clashes over the coronavirus outbreak, which has killed more than 17,000 people since late last year.

The report said it was "one of the broadest campaigns by a Chinese cyber-espionage actor we have observed in recent years."

Advertisement

FireEye declined to identify the affected customers. The Chinese Foreign Ministry did not directly address FireEye's allegations but said in a statement that China was "a victim of cybercrime and cyber-attack." The US Office of the Director of National Intelligence declined comment.

FireEye said in its report that APT41 abused recently disclosed flaws in software developed by Cisco, Citrix and others to try to break into scores of companies' networks in the United States, Canada, Britain, Mexico, Saudi Arabia, Singapore and more than a dozen other countries.

Advertisement

Cisco said in an email it had fixed the vulnerability and it was aware of attempts to exploit it, a sentiment echoed by Citrix, which said it had worked with FireEye to help identify "potential compromises."

Others have also spotted a recent uptick in cyber-espionage activity linked to Beijing.

Advertisement

Matt Webster, a researcher with Secureworks – Dell Technologies' cyber-security arm – said in an email that his team had also seen evidence of increased activity from Chinese hacking groups "over the last few weeks."

In particular, he said his team had recently spotted new digital infrastructure associated with APT41 – which Secureworks dubs "Bronze Atlas."

Tying hacking campaigns to any specific country or entity is often fraught with uncertainty, but FireEye said it had assessed "with moderate confidence" that APT41 was composed of Chinese government contractors.

FireEye's head of analysis, John Hultquist, said the surge was surprising because hacking activity attributed to China has generally become more focused.

"This broad action is a departure from that norm," he said.

© Thomson Reuters 2020

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: China, US, FireEye
Advertisement

Related Stories

Popular Mobile Brands
  1. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  2. Oppo, OnePlus Could Equip New Phones With a 10,000mAh Battery
  3. OnePlus Phones Will Soon Run on ColorOS 17 Instead of OxygenOS
  4. Apple Back to School Sale: Grab These Deals on MacBook, iPad Models
  5. Apple's First OLED iPad Mini Could Launch This Fall
  1. iPad Mini With OLED Screen to Reportedly Launch in October as Apple Prepares Base iPad, iPad Air Refreshes
  2. Google Rebrands NotebookLM as Gemini Notebook; Brings Cloud Computing and Search Integration
  3. Samsung Music Studio 5, Music Studio 7 Wi-Fi Speakers Launched in India
  4. Ostium Suspends Trading Following Oracle Security Incident Drains Millions
  5. Oppo’s New A Series, Upcoming OnePlus Mid-Range Smartphones Tipped to Launch With 10,000mAh Batteries
  6. WhatsApp Reportedly Rolls Out Mic Mode Controls for iPhone Calls
  7. Former Rockstar Games Developer Explains Why GTA 6 Maker Launches Games on PC After Consoles
  8. Samsung Galaxy Tab S12 Ultra CAD Renders Leaked Online; Reveals Familiar Look
  9. Apple Back to School Sale Now Live in India, Bringing Offers on MacBook Air, iPad Pro and More
  10. Realme Could Replace Realme UI With ColorOS 17 in India: Report
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.