‘Chinese Spies’ Had NSA Cyber Weapons Before The Shadow Brokers Leak

Uploaded on 2019-05-17 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-China, INTELLIGENCE--USA, TECHNOLOGY--Hackers

Chinese spies obtained NSA cyber weapons more than a year before they were leaked by the Shadow Brokers group in one of the most high-profile hacks of the last decade, it has been alleged.

Researchers at Symantec claimed that the Buckeye group, which is believed to be made up of Chinese intelligence agents, used the weapons to launch attacks on targets in Europe and Asia at least 12 months before they came into the public domain.

In a blog post, Symantec’s investigation team noted that variants of the tools used by Buckeye “appear to be different from those release by Shadow Brokers, potentially indicating that they didn’t originate from that leak”. Instead, Symantec’s researchers believe the tools could have been analysed and repurposed if they were used by the NSA to launch attacks on Chinese targets, the New York Times reported.

Organisations in Hong Kong, Vietnam, the Philippines, Belgium and Luxembourg are among those to have been targeted by Buckeye using the NSA’s stolen weapons, according to Symantec.

In November 2017, three alleged members of the Buckeye group were indicted in the United States for hacking three companies for “commercial advantage”. They were accused by the US Department of Justice of computer hacking, theft of trade secrets, conspiracy and identity theft in a campaign against organisations in the financial, engineering and technology industries. Buckeye had gone quiet in the months before the indictments were issued.

“While Buckeye appeared to cease operations in mid-2017, the Equation Group tools it used continued to be used in attacks until late 2018,” said Symantec’s researchers. “It is unknown who continued to use the tools. They may have been passed to another group or Buckeye may have continued operating longer than supposed.”

The authors added: “All zero-day exploits known, or suspected, to have been used by this group are for vulnerabilities in Internet Explorer and Flash.”

New Statesman:         Symantec

You Might Also Read: 

Who Are The Shadow Brokers?:

Cyber Criminals Are Catching Up  With Nation-state Hackers:

 

 

 

« AI In Cyber Security Is Worth Almost $5B
Verizon 2019 Data Breach Report »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Grid32

Grid32

Grid32 provides independent computer system and physical security audit services to government and corporate clients of all sizes.

Dome9

Dome9

Dome9 is a cloud firewall management service that stops vulnerabilities, secures remote access, and centralizes policy management.

Bricata

Bricata

Bricata offers industry-leading IPS solutions for enterprise-wide threat prevention and unparalleled situational awareness.

Massive Alliance

Massive Alliance

Massive is a global service agency providing internet monitoring, data & security threat surveillance and reputation management.

CYSEC NG

CYSEC NG

Cyber Security Challenge Nigeria Initiative (CYSEC NG) is the first, and largest offensive premier Cyber Conference and Hacking event in Africa.

CETIC

CETIC

CETIC is an applied research centre in the field of ICT. Key technologies include Big Data, Cloud Computing, the Internet of Things, software quality, and trust and security of IT systems.

Gradcracker

Gradcracker

Gradcracker is THE careers website for Science, Technology (including Cybersecurity), Engineering and Maths university students in the UK.

CyberSaint Security

CyberSaint Security

CyberSaint’s CyberStrong Platform empowers organizations to implement automated, intelligent cybersecurity compliance and risk management.

ditno

ditno

ditno uses machine learning to help you build a fully governed and micro-segmented network. Dramatically mitigate risk and prevent lateral movement across your organisation – all from one centralised

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

Digital Pathways

Digital Pathways

Digital Pathways is an award-winning data security provider that helps businesses protect their digital assets.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

C3.ai Digital Transformation Institute

C3.ai Digital Transformation Institute

The C3.ai Digital Transformation Institute is a research consortium dedicated to accelerating the benefits of artificial intelligence for business, government, and society.

OpenZiti

OpenZiti

OpenZiti is the world’s most used and widely integrated open source secure networking platform. OpenZiti provides both zero trust security and overlay networking as pure open source software.

Forthright Technology Partners

Forthright Technology Partners

Forthright Technology Partners (Forthright) is a next-generation cloud and managed IT services provider serving a global clientele.

National Cyber Force (NCF)

National Cyber Force (NCF)

The National Cyber Force (NCF) is a partnership between defence and intelligence.