State sponsored attacks are nothing new. Recently, both the US and Iranian Government have accused each other of carrying out cyber-attacks on each other. Concerns over Chinese spying are also nothing new, as the US government has recently banned federal purchases of telecommunications equipment from five Chinese companies, including Huawei.
Two Chinese hacking groups have been suspected of carrying out cyber-attacks on US companies on behalf of the Chinese government. Researchers at Proofpoint say that the group, APT10, were responsible for a phishing attack targeting employees of US Utilities with emails purporting to be from the National Council of Examiners for Engineering and Surveying (NCEES). The emails claimed to be delivering professional examination results, but which were actually delivering "malicious" Microsoft Word attachments. The malware, named "LookBack," is a malicious VBA macro that allows the hackers the access required to steal data on the computer. APT10 also made headlines in June, when it was reported that the group had compromised the systems of at least ten cellular carriers around the world to steal metadata related to specific users linked to China.
In addition, The Financial Times has also published an article that identifies another Chinese hacking involved in hacking on behalf of the government. The group, known as Advanced Persistent Threat 41 (APT41), is described as a “creative and well-resourced” outfit that has been operating since 2012. Starting out as a gang targeting video games for profit, they have also moved into state-backed espionage operations against the healthcare and high-tech sectors and political dissidents in 2014. Some of their targets include major global telecoms companies and their subsidiaries for call record information and in the healthcare sector to steal sensitive intellectual property from medical device and pharmaceutical companies, including clinical trial data, and detailed business information ahead of mergers and acquisitions transactions.
The list of cyber threats to your business is growing. If you think it can’t happen to you, think again. With the recent tensions between the Canadian and Chinese Governments over Huawei, it’s only a matter of time before Canadian businesses are also targeted by state-sponsored hackers.