Menu
US trade lobbying group attacked by suspected Chinese hackers

US trade lobbying group attacked by suspected Chinese hackers

The lobbying group has pledged to work on U.S.-China trade issues with President Trump

A group of what appears to be Chinese hackers infiltrated a U.S. trade-focused lobbying group as the two countries wrestle with how they treat imports of each other's goods and services.

The APT10 Chinese hacking group appears to be behind a "strategic web compromise" in late February and early March at the National Foreign Trade Council, according to security vendor Fidelis Cybersecurity.

The NFTC lobbies for open and fair trade and has pledged to work with U.S. President Donald Trump to "find ways to address Chinese policies that frustrate access to their market and undermine fair trade, while at the same time encouraging a positive trend in our trade relationship." Trump will meet with China President Xi Jinping in Florida this week.

The lobbying group discovered the attack almost immediately and took steps to remove the malware and protect website visitors, a source close to the group said.

It is "highly probable" that the web attack targeted key private-sector organizations focused on U.S. trade policy, Fidelis Cybersecurity said in a blog post. The company's research has found a similar operation targeting government officials in Japan, it said.

"The connections we can draw from the Japanese campaign lead us to estimate that it is highly probable that the actors involved are known as APT10," a well-known Chinese hacking group.

The attack on the lobbying group, dubbed Operation TradeSecret by Fidelis, targeted visitors to some of the organization's web pages, including one used to register for meetings. The attacks served reconnaissance malware known as Scanbox, Fidelis said.

Scanbox is typically used by hackers associated with or sponsored by the Chinese government, the company said. It gives hackers multiple capabilities, including JavaScript keyloggers installed on target PCs. The information gathered with this reconnaissance can be used in phishing campaigns directed toward targeted individuals. These campaigns can then exploit specific vulnerabilities known to exist within the user's applications.

The information gathered can then be used in phishing campaigns targeting specific computer users, Fidelis said.

"The benefit of such a watering-hole attack is that it enables the adversary to target key individuals as they go about their business," said Hardik Modi, vice president for threat research at Fidelis. "Big business plays a key role in the formulation of trade policy in the U.S., and our expectation is that this campaign was about gathering intelligence in advance of the negotiations that accompany the [U.S.-China] summit."

Lobbying groups are particularly attractive targets, Modi added by email. They are "in a difficult position because they often have a sensitive membership and can be an easy conduit for the adversary to target the specific interest group they're interested in," he said. "This has been part of cyber tradecraft for a long time now."

This type of espionage is "an age-old tradition for governments," he added.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments