While there have been reports over the last few months as the coronavirus exploded around the world of state-sponsored hackers targeting various Chinese interests, a new report out today from a cybersecurity services firm claims to have uncovered a years-long online Chinese espionage operation targeting governments across the Asia-Pacific region, including Australia.
Check Point Software Technologies detailed the operations of a known hacking group called “Naikon” in research released Thursday. The Chinese group, first written about by security researchers in 2015, slipped off the radar over the last few years, but according to the firm’s new report, has been active for much of this time. Using documents emailed to government targets, the hackers gained access to government networks, looking for confidential documents, stealing data, taking screenshots, and installing key-loggers to gather passwords. The hackers sometimes used compromised systems to host and launch further attacks.
The researchers say targeted countries include Australia, Indonesia, the Philippines, Vietnam, Thailand, Myanmar, and Brunei. While the pattern Check Point focuses on in its new report dates back several years, the pandemic’s orgins in China seems to have touched off state-sponsored cyber attacks targeting the country’s interests. In early April, ZDNet reported that a hacking group thought to be operating out of east Asia targeted Chinese government agencies and their employees, both in China and in Chinese government buildings around the world. Reuters reported in late March that the same group, known as “DarkHotel,” are thought to have attempted to hack into the World Health Organization. Bloomberg reported that Vietnamese hackers have also targeted Chinese government officials in Wuhan, the city where the coronavirus is thought to have originated.