Security News > 2021 > August > Experts Believe Chinese Hackers Are Behind Several Attacks Targeting Israel

Experts Believe Chinese Hackers Are Behind Several Attacks Targeting Israel
2021-08-10 20:39

A Chinese cyber espionage group has been linked to a string of intrusion activities targeting Israeli government institutions, IT providers, and telecommunications companies at least since 2019.

FireEye's Mandiant threat intelligence arm attributed the campaign to an operator it tracks as "UNC215", a Chinese espionage operation that's believed to have singled out organizations around the world dating back as far as 2014, linking the group with "Low confidence" to an advanced persistent threat widely known as APT27, Emissary Panda, or Iron Tiger.

"UNC215 has compromised organizations in the government, technology, telecommunications, defense, finance, entertainment, and health care sectors," FireEye's Israel and U.S. threat intel teams said in a report published today.

"The group targets data and organizations which are of great interest to Beijing's financial, diplomatic, and strategic objectives," the findings reflecting a relentless appetite for defense-related secrets among hacking groups.

Early attacks perpetrated by the collective is said to have exploited a Microsoft SharePoint vulnerability as a stepping stone toward infiltrating government and academic networks to deploy web shells and FOCUSFJORD payloads at targets in the Middle East and Central Asia.

"China has conducted numerous intrusion campaigns along the BRI route to monitor potential obstructions-political, economic, and security-and we anticipate that UNC215 will continue targeting governments and organizations involved in these critical infrastructure projects in Israel and the broader Middle East in the near- and mid-term," the teams added.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/JctNSW8ldNg/experts-believe-chinese-hackers-are.html