Chinese Hackers Target Japan & EU

Uploaded on 2024-11-19 in FREE TO VIEW

The Chinese threat actor known as MirrorFace has been seen targeting a diplomatic organisation in the European Union, marking the first time the hacking crew has targeted an entity outside the Asian region.

The leading Slovak cyber security company ESET described the event, saying that this is an expansion in the threat group’s range of targets which have historically been restricted to target organisations in Japan.

Although the identity of the target diplomatic organisation wasn’t disclosed, the lure document was attached to a spear-phishing email with a Japanese theme, encouraging the target to download a document promoting an EXPO Exhibition in Japan in 2025.

Attacks on Japanese organisation by Chinese threat  groups has benn increasing and ESET note that, even considering this new EU targeting, "MirrorFace remains focused on Japan and events related to it.” 

Earlier this year Japanese security agencies reported an expansion in activities linked to MirrorFace. While the hackers focused initially on gaining access to media, political organisations, think-tanks and universities in Japan, they were also including manufacturers and research institutions. In August, Japan’s national cyber security agency (NISC) disclosed that had itself been hacked, with the attackers potentially accessing sensitive data for nine months before being discovered.

Japan has not publicly attributed the incident to a specific threat actor, however, a report by the Financial Times  names three government and private sector sources familiar with the situation, saying that state-backed Chinese hackers were suspected of being behind the attack.

This follows a report by the Washington Post that the US National Security Agency discovered Chinese military hackers had damagingly compromised Japan’s defence networks in 2020.

 ESET     |     JPCERT     |     FT     |     Washington Post     |     The Hacker News  |  The Record      

Image:  Ideogram

You Might Also Read:

Japan’s Leading Companies Exposed To Ransomware:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Interpol Takes Down Cybercrime Network
Dealing With Cloud Security Challenges »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Herjavec Group

Herjavec Group

Herjavec Group's Managed Security Services practice defends your organization from increasingly sophisticated, targeted cybercrime threats.

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

Redshift Consulting

Redshift Consulting

Redshift is an information management and information security consulting company offering a full range of services from infrastructure design to security assessments and network monitoring.

DataArt

DataArt

DataArt is a global technology consultancy that designs, develops and supports unique software solutions. Areas of activity include software security testing.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

Mphasis

Mphasis

Mphasis is a leading applied technology services company applying next-generation technology to help enterprises transform businesses globally.

Emagined Security

Emagined Security

Emagined Security is a leading provider of professional services for Information Security and Compliance solutions.

Bytes Technology Group

Bytes Technology Group

Bytes is a leading provider of world-class IT solutions. Our growing portfolio of services includes cloud, security, licensing, SAM, storage, virtualisation and managed services.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.

Patriot Consulting Technology Group

Patriot Consulting Technology Group

Patriot Consulting's mission is to help our clients manage cybersecurity risk through secure deployments of Microsoft 365.

endpointX

endpointX

endpointX is a preventative cyber security company. We help companies minimize their risk of breach by improving cyber hygiene.

Rapifuzz

Rapifuzz

At Rapifuzz, our goal is to help organizations test and secure their APIs enabling trust, innovation and Seamless Secured Digital Experiences.

Viatel Technology Group

Viatel Technology Group

Viatel Technology Group is a complete digital services provider. We have over 26 years’ experience delivering fully managed security, networking, cloud and communications services.

SENTRIQS

SENTRIQS

SENTRIQS advanced encryption technology is engineered to defend against the most sophisticated cyber threats, keeping your operations efficient and secure.