British Businesses Under Attack By China
Posted by: Timothy Weaver on 04/05/2017 10:44 AM
[
Comments
]
According to join research by consultants, PwC, UK, and BAE Systems' IT security arms along with the UK National Cyber Security Centre's (NCSC), British companies are being targeted by hackers linked to China's government.
The attackers are working in shifts and targeting IT service providers to gain access to clients. The attackers are known by researchers as APT10 and it is widely known to be coming from China. The attackers are also targeting Japan.
APT10 is a well organized group that works in teams who are assigned their own distinct areas of responsibility and expertise.
"As a result of our analysis of APT10's activities, we believe that it almost certainly benefits from significant staffing and logistical resources, which have increased over the last three years, with a significant step-change in 2016," the report claims.
"Due to the scale of the threat actor's operations throughout 2016 and 2017, we similarly assess it currently comprises multiple teams, each responsible for a different section of the day-to-day operations, namely domain registration, infrastructure management, malware development, target operations, and analysis."
The malware used by APT10 is usually delivered via phishing. Once in a system, they then plant malware such as Poison Ivy, PlugX, Quasar which enables long-term remote access and the ability to carry out higher-level tasks.
Source: Computing.Co
The attackers are working in shifts and targeting IT service providers to gain access to clients. The attackers are known by researchers as APT10 and it is widely known to be coming from China. The attackers are also targeting Japan. APT10 is a well organized group that works in teams who are assigned their own distinct areas of responsibility and expertise.
"As a result of our analysis of APT10's activities, we believe that it almost certainly benefits from significant staffing and logistical resources, which have increased over the last three years, with a significant step-change in 2016," the report claims.
"Due to the scale of the threat actor's operations throughout 2016 and 2017, we similarly assess it currently comprises multiple teams, each responsible for a different section of the day-to-day operations, namely domain registration, infrastructure management, malware development, target operations, and analysis."
The malware used by APT10 is usually delivered via phishing. Once in a system, they then plant malware such as Poison Ivy, PlugX, Quasar which enables long-term remote access and the ability to carry out higher-level tasks.
Source: Computing.Co
Comments
