June 21, 2018
President Trump’s threat last week to place additional tariffs on Chinese made goods have not only led to counter threats being made by China’s leadership, but Stealthcare CEO Jeremy Samide believes the trade situation has spurred China to launch cyberattacks against the United States.
The attacks Samide’s firm detected and attributed to China came from the LuckyMouse group, also known as, Emissary Panda, APT27. These were found pushing a new malware strain based on the HyperBro Remote Access Trojan RAT. Another incident involved an espionage campaign dubbed MirageFox, attributed to APT15, also known as Vixen Panda, Ke3chang, Royal APT and Playful Dragon.
Many of the attacks are originating from known Chinese sources or state-sponsored groups, however, the art of misdirection is definitely in play. While attribution can be difficult, in many cases we can ascertain the source of the attack and not all of them are originating from China, Samide said.
“We are seeing an increase in more targeted espionage-style attacks towards government agencies, geospatial imaging, satellite communications and other defense contractors with the particular interest in infiltrating their networks and infecting their computer systems that control key communication and other geospatial data collection systems,” Samide told SC Media.
Source: SC Magazine