‘China, Russia linked to cyberspying’
WASHINGTON: The Russian and Chinese governments are likely behind widespread cyber-espionage that has hit targets in the US and elsewhere, two separate security reports said Tuesday.
One team of researchers led by the security firm Novetta Solutions said it identified a hacker group believed to act “on behalf of a Chinese government intelligence apparatus.”
A separate report by the security firm FireEye said a long-running effort to hack into US defense contractors, Eastern European governments and European security organizations is “likely sponsored by the Russian government.”
The Chinese group, which was dubbed Axiom, “is a well resourced, disciplined and sophisticated cyber-espionage group operating out of mainland China,” said Novetta chief executive Peter LaMontagne in a statement released with the study.
“Novetta has moderate to high confidence that the organization tasking Axiom is a part of Chinese Intelligence apparatus,” the company said.
“This belief has been partially confirmed by a recent FBI flash released to Infragard (a partnership with the FBI and private sector) stating the actors are affiliated with the Chinese government.”
Axiom has hacked pro-democracy non-governmental organizations and other groups and individuals “perceived as a potential threat to the stability of the Chinese state,” Novetta said.
“Axiom uses a varied tool-set ranging from generic malware to very tailored, custom malware designed for long-term persistence that at times can be measured in years.” The report was the result of research from a variety of security organizations including Cisco, FireEye, F-Secure, iSight Partners, Microsoft, Tenable and others.
The report said the firms went beyond simply collecting information and cooperated on a “coordinated, effective remediation and disruption” of the Chinese networks.