Menu
FireEye saw surge in cyber spying as coronavirus emerged from China

FireEye saw surge in cyber spying as coronavirus emerged from China

FireEye claims APT41 abused recently disclosed flaws in software developed by Cisco, Citrix and others

Credit: Dreamstime

Cyber security firm FireEye claims it has detected a surge in new cyber spying by a suspected Chinese group dating back to late January, when coronavirus was starting to spread outside China.

FireEye said in a report it had spotted a spike in activity from a hacking group it dubs "APT41" that began on Jan. 20 and targeted more than 75 of its customers, from manufacturers and media companies to healthcare organisations and nonprofits.

There were "multiple possible explanations" for the spike in activity, said FireEye Security Architect Christopher Glyer, pointing to long-simmering tensions between Washington and Beijing over trade and more recent clashes over the coronavirus outbreak, which has killed more than 17,000 people since late last year.

The report said it was "one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years."

FireEye declined to identify the affected customers. The Chinese Foreign Ministry did not directly address FireEye's allegations but said in a statement that China was "a victim of cyber crime and cyber attack."

The U.S. Office of the Director of National Intelligence declined comment.

FireEye said in its report that APT41 abused recently disclosed flaws in software developed by Cisco, Citrix and others to try to break into scores of companies' networks in the United States, Canada, Britain, Mexico, Saudi Arabia, Singapore and more than a dozen other countries.

Cisco said in an email it had fixed the vulnerability and it was aware of attempts to exploit it, a sentiment echoed by Citrix, which said it had worked with FireEye to help identify "potential compromises."

Others have also spotted a recent uptick in cyber-espionage activity linked to Beijing.

Matt Webster, a researcher with Secureworks – Dell Technologies' cybersecurity arm – said in an email that his team had also seen evidence of increased activity from Chinese hacking groups "over the last few weeks."

In particular, he said his team had recently spotted new digital infrastructure associated with APT41 – which Secureworks dubs "Bronze Atlas."

Tying hacking campaigns to any specific country or entity is often fraught with uncertainty, but FireEye said it had assessed "with moderate confidence" that APT41 was composed of Chinese government contractors.

FireEye's head of analysis, John Hultquist, said the surge was surprising because hacking activity attributed to China has generally become more focused.

"This broad action is a departure from that norm," he said.

(Reporting by Raphael Satter and Christopher Bing; additional reporting by the Beijing newsroom; Editing by Richard Pullin and Paul Simao)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags FireEye

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments