Menu
US trade lobbying group attacked by suspected Chinese hackers

US trade lobbying group attacked by suspected Chinese hackers

The lobbying group has pledged to work on U.S.-China trade issues with President Trump

A group of what appears to be Chinese hackers infiltrated a U.S. trade-focused lobbying group as the two countries wrestle with how they treat imports of each other's goods and services.

The APT10 Chinese hacking group appears to be behind a "strategic web compromise" in late February and early March at the National Foreign Trade Council, according to security vendor Fidelis Cybersecurity.

The NFTC lobbies for open and fair trade and has pledged to work with U.S. President Donald Trump to "find ways to address Chinese policies that frustrate access to their market and undermine fair trade, while at the same time encouraging a positive trend in our trade relationship." Trump will meet with China President Xi Jinping in Florida this week.

The lobbying group discovered the attack almost immediately and took steps to remove the malware and protect website visitors, a source close to the group said.

It is "highly probable" that the web attack targeted key private-sector organizations focused on U.S. trade policy, Fidelis Cybersecurity said in a blog post. The company's research has found a similar operation targeting government officials in Japan, it said.

"The connections we can draw from the Japanese campaign lead us to estimate that it is highly probable that the actors involved are known as APT10," a well-known Chinese hacking group.

The attack on the lobbying group, dubbed Operation TradeSecret by Fidelis, targeted visitors to some of the organization's web pages, including one used to register for meetings. The attacks served reconnaissance malware known as Scanbox, Fidelis said.

Scanbox is typically used by hackers associated with or sponsored by the Chinese government, the company said. It gives hackers multiple capabilities, including JavaScript keyloggers installed on target PCs. The information gathered with this reconnaissance can be used in phishing campaigns directed toward targeted individuals. These campaigns can then exploit specific vulnerabilities known to exist within the user's applications.

The information gathered can then be used in phishing campaigns targeting specific computer users, Fidelis said.

"The benefit of such a watering-hole attack is that it enables the adversary to target key individuals as they go about their business," said Hardik Modi, vice president for threat research at Fidelis. "Big business plays a key role in the formulation of trade policy in the U.S., and our expectation is that this campaign was about gathering intelligence in advance of the negotiations that accompany the [U.S.-China] summit."

Lobbying groups are particularly attractive targets, Modi added by email. They are "in a difficult position because they often have a sensitive membership and can be an easy conduit for the adversary to target the specific interest group they're interested in," he said. "This has been part of cyber tradecraft for a long time now."

This type of espionage is "an age-old tradition for governments," he added.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Why experience is the new battleground for partners

Join us for an exclusive webinar, in association with Hewlett Packard Enterprise and Technology Services Industry Association (TSIA) and learn about the latest industry insights and how technology services continue to evolve to deliver differentiated value, and how partners can be successful in 2021 and beyond.

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments