Hong Kong Hacked

Uploaded on 2016-09-08 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Two Hong Hong government agencies have come under attack from cyber-spies originating in China in the month leading up to the recent legislative elections, according to a US cybersecurity firm.

On at least three occasions in early August, the China-based group APT 3 targeted the organizations with “spear-phishing” attacks, in which e-mails with malicious links and attachments containing malware are used to access computer networks, said John Watters, president of iSIGHT, a unit of FireEye Inc. He said the hacks were “certainly” politically motivated, based on their targets.

Watters declined to say what agencies were attacked because his firm seeks to identify attackers, not shine a spotlight on the victims. It wasn’t possible to confirm whether APT 3 was linked to any Chinese government organization, he said, adding that the Hong Kong authorities had been informed of the incidents.

The Hong Kong’s government office for information confirmed it had been informed about the hacks. “Relevant security measures had already been put in place to block the suspicious e-mails,” it said in a statement. “So far, there is no security incident report from the two concerned departments.”

Legislative Elections

While Hong Kong was returned to China in 1997, the former British colony was guaranteed a “high degree of autonomy” for at least 50 years under a deal with the UK Beijing’s influence over the financial hub has been a key campaign issue in Sunday’s elections, in which voters will select lawmakers for the city’s 70-seat Legislative Council.

“What it appears to be is an opportunity to gain information without having the transparency of having to make a request,” Watters said. “If you want to know what someone’s thinking, would you rather read their diary or hear their prepared remarks?”

It wasn’t possible to verify what information, if any, had been stolen, Watters said. The Hong Kong and Macau Affairs Office of the State Council in Beijing didn’t immediately respond to faxed questions about the incident.

Hacking Attacks

Incidents of US hacking by China-based groups have fallen since President Xi Jinping’s visited the US last September and reached a cybersecurity deal, according to FireEye. Some of those hacking groups have refocused their energies on Asian targets amid an increase in regional tensions. Vietnam in particular has come under attack with malicious code disguised as antivirus software found lurking in everything from government offices to banks, companies and universities.

FireEye linked the Hong Kong spear-phishing attack to a Watters said his firm has tracked the group since 2011, over which time it has been blamed for hacking companies in industries from telecommunications to agriculture, in countries including Germany, Italy and the US APT 3 is among the top hackers based on sophistication and constant updates of tools it uses to access networks, he said.

Mandiant, another unit of FireEye, alleged in 2013 that China’s military might have been behind a group that had hacked at least 141 companies worldwide since 2006. The US issued indictments against five military officials who were purported to be members of that group.

Hackers typically send e-mails to targets hoping they’ll open attachments loaded with malware that infiltrates their computers and helps them access broader networks. ISIGHT tracks malware globally, and traced its presence to the networks of the Hong Kong government agencies, Watters said.

The subject of one of the e-mails used in the attacks in Hong Kong was a report on election results with a hyperlink to what the reader would assume was the report itself, Watters said. The hyperlink leads to a compromised sub-domain that contains the malware.

Information-Management:

 

« Cybercrime & Cyberwar: A Spotter's Guide
IBM’s Watson Takes Aim At CyberSecurity »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Tendo Solutions

Tendo Solutions

Tendo Solutions provides intelligence, security, forensics and risk solutions to clients across different sectors and jurisdictions.

Willis Towers Watson

Willis Towers Watson

Willis Towers Watson is a global risk management, insurance brokerage and advisory company. Services offered include Cyber Risks insurance.

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

Cyberbit

Cyberbit

Cyberbit empowers cybersecurity teams to be fully prepared with a product portfolio ready to detect and respond effectively across both IT and OT networks.

Banshie

Banshie

Banshie is an independent cyber security company with a small team of recognized specialist that are among the best in their field.

DDOS-Guard

DDOS-Guard

DDoS-GUARD is one of the leading service providers on the global DDoS protection and content delivery markets.

NWN Carousel

NWN Carousel

NWN Carousel delivers AI-powered technology solutions for the modern workplace. From unified communications and intelligent infrastructure to robust cybersecurity.

Cyber Command - Romania

Cyber Command - Romania

Cyber Command represents the military authority responsible for the development, protection and resilience of military IT networks and services that support the Romanian Force Structure.

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professionals advocating for more effective cyber security solutions.

Bright Pixel Capital

Bright Pixel Capital

Bright Pixel Capital is a venture capital company with a focus on Cybersecurity, Retail Technologies, Digital Infrastructure and Emerging Technologies.

GoodAccess

GoodAccess

GoodAccess is the cybersecurity platform that gives your business the security benefits of zero trust without the complexities so your users can securely access digital resources anytime, anywhere.

Hook Security

Hook Security

Setting a new standard in security awareness. Hook Security is a people-first company that uses psychological security training to help companies create security-aware culture.

Omantel Innovation Labs

Omantel Innovation Labs

The Omantel Innovation Labs is a platform to enable startups and innovators to develop and commercialize solutions within selected technology verticals including cybersecurity.

Royal United Services Institute (RUSI)

Royal United Services Institute (RUSI)

The Royal United Services Institute is an independent think tank engaged in cutting edge defence and security research. Areas of research include cyber security and resilience.

Barquin Solutions

Barquin Solutions

Barquin Solutions is a full-service information technology consulting firm focused on supporting U.S. federal government agencies and their partners.

The Missing Link

The Missing Link

Whether your requirements are large or small, The Missing Link have you covered with our core offerings including IT & Cloud, Cyber Security and Automation.