Chinese Hackers Target Japan & EU

Uploaded on 2024-11-19 in FREE TO VIEW

The Chinese threat actor known as MirrorFace has been seen targeting a diplomatic organisation in the European Union, marking the first time the hacking crew has targeted an entity outside the Asian region.

The leading Slovak cyber security company ESET described the event, saying that this is an expansion in the threat group’s range of targets which have historically been restricted to target organisations in Japan.

Although the identity of the target diplomatic organisation wasn’t disclosed, the lure document was attached to a spear-phishing email with a Japanese theme, encouraging the target to download a document promoting an EXPO Exhibition in Japan in 2025.

Attacks on Japanese organisation by Chinese threat  groups has benn increasing and ESET note that, even considering this new EU targeting, "MirrorFace remains focused on Japan and events related to it.” 

Earlier this year Japanese security agencies reported an expansion in activities linked to MirrorFace. While the hackers focused initially on gaining access to media, political organisations, think-tanks and universities in Japan, they were also including manufacturers and research institutions. In August, Japan’s national cyber security agency (NISC) disclosed that had itself been hacked, with the attackers potentially accessing sensitive data for nine months before being discovered.

Japan has not publicly attributed the incident to a specific threat actor, however, a report by the Financial Times  names three government and private sector sources familiar with the situation, saying that state-backed Chinese hackers were suspected of being behind the attack.

This follows a report by the Washington Post that the US National Security Agency discovered Chinese military hackers had damagingly compromised Japan’s defence networks in 2020.

 ESET     |     JPCERT     |     FT     |     Washington Post     |     The Hacker News  |  The Record      

Image:  Ideogram

You Might Also Read:

Japan’s Leading Companies Exposed To Ransomware:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Interpol Takes Down Cybercrime Network
Dealing With Cloud Security Challenges »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZM CIRT

ZM CIRT

ZM CIRT is the national Computer Incident Response Team for Zambia.

Exprivia

Exprivia

Exprivia is active in the design, development and integration of IT systems including cyber security.

Vysk Communications

Vysk Communications

Vysk is an award-winning mobile security firm that has developed the world’s most secure system for voice communication.

DataProtect

DataProtect

DataProtect is a specialized information security company providing consultancy, information management, integration and training services.

Kickstart

Kickstart

Kickstart supports your startup in scaling deep technology businesses in Switzerland in areas such as AI, Blockchain and Cybersecurity.

Cyber Talents

Cyber Talents

CyberTalents is on a mission to close the gap of cyber security professionals shortage across the globe.

InsightCyber

InsightCyber

InsightCyber is on a mission to keep the world’s critical infrastructure, supply chains, and manufacturing operations cyber-safe, helping to prevent attacks that can have catastrophic impacts.

Inveteck Global

Inveteck Global

Inveteck Global is a Ghana-based cyber security firm providing strategic guidance and technical solutions to all our clients to best serve their individual needs.

LiveAction

LiveAction

LiveAction provides end-to-end visibility of network and application performance from a single pane of glass.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

Think|Stack

Think|Stack

Think|Stack is a managed IT services company specializing in cloud and cybersecurity with human-centered design.

Recon InfoSec

Recon InfoSec

The Recon InfoSec team includes analysts, architects, engineers, intrusion specialists, penetration testers, and operations experts.

Sourcepass

Sourcepass

Sourcepass is an IT consulting company that focuses on providing expert IT services, cloud computing solutions, cybersecurity services, website, and application development.

Dimension Data

Dimension Data

Dimension Data is a leading African born technology provider operating in the Middle East and Africa, offering a portfolio of services including intelligent security solutions.

Blue Bastion

Blue Bastion

Don’t give cybercriminals the chance to find weaknesses in your company’s cyber security system. Defend your institution from all attacks from all directions with Blue Bastion.

Chorus

Chorus

Chorus are a leading Managed Security Service Provider (MSSP), and member of the Microsoft Intelligent Security Association (MISA), with three Microsoft Advanced Specialisations in security.