Chinese Hackers Target Japan & EU

Uploaded on 2024-11-19 in FREE TO VIEW

The Chinese threat actor known as MirrorFace has been seen targeting a diplomatic organisation in the European Union, marking the first time the hacking crew has targeted an entity outside the Asian region.

The leading Slovak cyber security company ESET described the event, saying that this is an expansion in the threat group’s range of targets which have historically been restricted to target organisations in Japan.

Although the identity of the target diplomatic organisation wasn’t disclosed, the lure document was attached to a spear-phishing email with a Japanese theme, encouraging the target to download a document promoting an EXPO Exhibition in Japan in 2025.

Attacks on Japanese organisation by Chinese threat  groups has benn increasing and ESET note that, even considering this new EU targeting, "MirrorFace remains focused on Japan and events related to it.” 

Earlier this year Japanese security agencies reported an expansion in activities linked to MirrorFace. While the hackers focused initially on gaining access to media, political organisations, think-tanks and universities in Japan, they were also including manufacturers and research institutions. In August, Japan’s national cyber security agency (NISC) disclosed that had itself been hacked, with the attackers potentially accessing sensitive data for nine months before being discovered.

Japan has not publicly attributed the incident to a specific threat actor, however, a report by the Financial Times  names three government and private sector sources familiar with the situation, saying that state-backed Chinese hackers were suspected of being behind the attack.

This follows a report by the Washington Post that the US National Security Agency discovered Chinese military hackers had damagingly compromised Japan’s defence networks in 2020.

 ESET     |     JPCERT     |     FT     |     Washington Post     |     The Hacker News  |  The Record      

Image:  Ideogram

You Might Also Read:

Japan’s Leading Companies Exposed To Ransomware:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Interpol Takes Down Cybercrime Network
Dealing With Cloud Security Challenges »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

GigaOm

GigaOm

GigaOm's mission is to provide enterprises with information and analysis to help them make better decisions about technology.

Infrascale

Infrascale

Infrascale specialise in providing cloud backup and disaster recovery services.

Crypta Labs

Crypta Labs

Crypta Labs is an Award Winning IOT Security startup that is developing a quantum-based encryption chip to secure the Internet of Things.

Intrusion

Intrusion

Intrusion provides IT professionals with the most robust tool set available for performing in-depth research and analysis of network traffic.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

Navaio IT Security

Navaio IT Security

Navaio helps clients with IT Security related challenges with a primary focus on Identity and Access Management, Data Governance, User Awareness and Cyber Resilience Services.

Talon Cyber Security

Talon Cyber Security

Talon delivers the leading enterprise browser designed to bring security to managed and unmanaged devices, regardless of location, device type or operating system.

Aceiss

Aceiss

Aceiss empowers access security, providing unprecedented visibility and insights into user access.

European Cybersecurity Competence Centre (ECCC)

European Cybersecurity Competence Centre (ECCC)

The ECCC aims to increase Europe’s cybersecurity capacities and competitiveness, working together with a Network of National Coordination Centres to build a strong cybersecurity Community.

Global Market Innovators (GMI)

Global Market Innovators (GMI)

Global Market Innovators (GMI) delivers secure technology solutions to organizations in need.

First Focus

First Focus

First Focus is a managed service provider for medium-sized organisations.

ScamAdvisor

ScamAdvisor

ScamAdviser helps over 3 million consumers every month to discover if a website is legitimate or a possible scam.

Strategic Security Solutions (S3)

Strategic Security Solutions (S3)

S3 is a leading provider of Cybersecurity consulting services for Identity and Access Governance (IAG), Zero Trust, and Enterprise Risk and Compliance.

Cyber Guards

Cyber Guards

Cyber Guards provide comprehensive, turn-key cyber security programs for small and mid-size business for about the cost of one full-time cybersecurity hire.

Secure Cyber Management

Secure Cyber Management

Secure Cyber Management provides industry-leading cloud security advice, guidance and services.

DarkHorse Security

DarkHorse Security

DarkHorse exists to make it easy and affordable for organizations to be able to identify their cybersecurity vulnerabilities.