Chinese South China Sea Cyberespionage Campaign Unearthed



Post by rbc »

A government agency in a country that has repeatedly clashed with China over Beijing's territorial ambitions in the South China Sea was the subject of a prolonged cyberespionage campaign that used previously undetected backdoors and partially overlaps with known Sino state threat actors.

Researchers at Sophos Managed Detection and Response said Wednesday they uncovered a complex, multi-cluster Chinese state-sponsored cyberespionage operation they dubbed "Crimson Palace." Sophos, with high confidence, attributes the hacking activity to hacking clusters associated with Chinese-state-sponsored activities.

The hackers targeted documents held by the unnamed agency with file names indicating they have intelligence value, including military documents related to strategies in the South China Sea. The campaign was focused on gathering information that could benefit Chinese state interests. Sophos said it first detected the activity in May 2023, although investigations found evidence of "related earlier intrusion activity" dating to early the year before.
Robert B. Carleton + ISC2 Central Mississippi President