🐂 Not all bull runs are created equal. November’s AI picks include 5 stocks up +20% eachUnlock Stocks

Factbox-Volt Typhoon and other Chinese groups accused of hacking the US and others

Published 05/25/2023, 06:29 AM
Updated 05/25/2023, 12:09 PM
© Reuters. A sign of Microsoft is pictured on its office building in Beijing, China May 25, 2023. REUTERS/Tingshu Wang
MSFT
-
PANW
-
MNDT
-

SINGAPORE (Reuters) - Chinese hacking teams have been blamed by Western intelligence agencies and cybersecurity groups for digital intrusion campaigns across the world, targeting everything from government and military organisations to corporations and media groups

Cybersecurity firms believe many of those groups are backed by China's government. U.S.-based Mandiant has said some Chinese hacking groups are operated by units of China's army.

China's authorities have consistently denied any form of state-sponsored hacking, saying China itself is a frequent target of cyberattacks. It has dubbed the U.S. National Security Agency (NSA) as "the world's largest hacker organisation".

Some of the biggest Chinese hacking teams identified by intelligence agencies and cybersecurity groups are:

'VOLT TYPHOON'

Western intelligence agencies and Microsoft (NASDAQ:MSFT) said on May 24 that Volt Typhoon, a group they described as state-sponsored, had been spying on a range of U.S. critical infrastructure organisations, from telecommunications to transportation hubs.

They described the attacks in 2023 as one of the largest known Chinese cyber-espionage campaigns against American critical infrastructure.

China's foreign ministry described the reports as part of a U.S. disinformation campaign.

'BACKDOORDIPLOMACY'

Palo Alto Networks (NASDAQ:PANW), a U.S. cybersecurity firm, says its research showed BackdoorDiplomacy has links to the Chinese state and is part of the APT15 hacking group.

A Reuters report in May identified BackdoorDiplomacy as being behind a widespread series of digital intrusions over several years against key Kenyan ministries and state institutions. The Chinese authorities said it was not aware of such hacking and described the accusations as baseless.

APT 41

Chinese hacking team APT 41, which is also known as Wintti, Double Dragon and Amoeba, has conducted a mix of government-backed cyber intrusions and financially motivated data breaches, according to U.S.-based cybersecurity firms FireEye (NASDAQ:MNDT) and Mandiant.

The U.S secret service said the team had stolen U.S. COVID relief benefits worth tens of millions of dollars between 2020-2022.

Taiwan-based cybersecurity firm TeamT5 said the group had targeted government, telecoms, and media victims in Japan, Taiwan, Korea, the United States and Hong Kong.

APT 41 was named by the U.S Department Justice in September 2020 in relation to charges brought against seven hackers for allegedly compromising more than 100 companies around the world.

The Chinese authorities have described such reports as "groundless accusations".

APT 27

Western intelligence agencies and cybersecurity researchers say Chinese hacking team APT 27 is sponsored by the state and has launched multiple attacks on Western and Taiwanese government agencies.

© Reuters. FILE PHOTO: U.S. and Chinese flags are seen in this illustration taken, January 30, 2023. REUTERS/Dado Ruvic

APT 27 claimed responsibility for cyber attacks against Taiwan in 2022 during a visit by then U.S House of Representatives Speaker Nancy Pelosi, saying it acted as a protest because Pelosi defied China's warnings not to visit.

Cybersecurity firm Mandiant said last year the group compromised the computer networks of at least six U.S. state governments between May 2021 and February of 2022, while the German authorities named blamed it for attacks against German pharmaceuticals, technology and other companies.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.