7 Chinese Govt Hackers Charged for 14-year hack campaign
The US Department of Justice (DOJ) has unsealed an indictment charging seven Chinese nationals with computer hacking and wire fraud conspiracies.
These individuals are accused of being part of a hacking group known as APT31, which the DOJ alleges is linked to China’s Ministry of State Security (MSS).
“Over 10,000 malicious emails impacted thousands of victims across multiple continents. As alleged in today’s indictment, this prolific global hacking operation – backed by the PRC government – targeted journalists, political officials, and companies to repress critics of the Chinese regime, compromise government institutions, and steal trade secrets,” said Deputy Attorney General Lisa Monaco.
The indictment details a 14-year campaign by APT31 targeting:
US and foreign critics of China: Political dissidents, journalists, and government officials.
US businesses: Companies in defense, technology, telecommunications, and other critical sectors.
US political campaigns: Staffers and officials from both major parties.
The hackers allegedly used sophisticated techniques like zero-day exploits to compromise email accounts, steal intellectual property, and potentially influence US elections.
Examples of Alleged Activity:
Targeting email accounts of members of the Inter-Parliamentary Alliance on China (IPAC), a group critical of the Chinese government.
Hacking attempts against US defense contractors and a leading provider of 5G network equipment.
Spying on Hong Kong pro-democracy activists.
“Today’s announcements underscore the need to remain vigilant to cybersecurity threats and the potential for cyber-enabled foreign malign influence efforts, especially as we approach the 2024 election cycle. The Department of Justice will continue to leverage all tools to disrupt malicious cyber actors who threaten our national security and aim to repress fundamental freedoms worldwide,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division.
Indictment Outlines Specific Roles
Malware development and exploitation.
Infrastructure management for cyberattacks.
Surveillance and intrusion operations against US entities.
The defendants face charges of conspiracy to commit computer intrusions and conspiracy to commit wire fraud.
They are presumed innocent until proven guilty in a court of law. The DOJ is prosecuting the case with assistance from the National Security Division.