Published in News

Chinese cyber gang targets UK firms

by on04 April 2017

Global hacking operation

A Chinese cyber gang has been hitting UK firms as part of a "systematic" global cyber espionage campaign.

Dubbed APT10 the group used custom malware and "spear phishing" techniques to target managed outsourced IT service companies.

According to the UK National Cyber Security Centre (NCSC) and cyber units at defence group BAE systems and accountancy firm PwC, the gang were found to have used the companies as a way into their customers' systems since 2016, although there is evidence to suggest they had first employed the tactics from as early 2014.

PwC cyber security Partner Richard Horne said the reason the report had been made public was because so many managed IT service providers (MSPs) and other companies were compromised through it. However, it was unclear of the problem’s extent.

The report behind the unmasking operation, codenamed Cloud Hopper, highlights targeted attacks against Japanese commercial firms and public bodies, but indicates further widespread operations against companies in 14 other countries including the UK, France and the United States.

The report's authors state APT10 is "highly likely" to be based in China, demonstrating a pattern of work in line with China Standard Time (UTC+8) and the targeting of specific commercial enterprises "closely aligned with strategic Chinese interests".

Horne said the data collected in individual attacks spanned a plethora of sensitive categorisations.

He said: "We've seen a number of different companies targeted for different reasons, but essentially it's all around sensitive information they hold, whether that's intellectual property, or personal information on people or a whole realm of other areas."

Last modified on 04 April 2017
Rate this item
(0 votes)

Read more about: