Cybersecurity Company Asserts Chinese Hackers Targeting Engineering, Transportation, Defense Firms

Industry News

March 5, 2019

Cybersecurity Company Asserts Chinese Hackers Targeting Engineering, Transportation, Defense Firms

Cybersecurity Company Asserts Chinese Hackers Targeting Engineering, Transportation, Defense Firms

The cyber-espionage firm FireEye asserts a hacker organization backed by the Chinese government is targeting engineering, transportation, and defense firms with links to the maritime sector.

FireEye calls the hacker organization APT40 and says it has been targeting U.S. firms since 2013. Much of the hacking activity is using phishing emails to get inside systems, deploying credential harvesting malware to get usernames and passwords, and then moving through networks with the ultimate goal of stealing proprietary data.

The researchers believe the focus of the hacking is related to China’s ‘Belt and Road Initiative,’ which is developing Chinese infrastructure in numerous countries around the world.

There’s no proof that APT40 is backed by the Chinese government, but FireEye has “high confidence” that it is. The firm says the targets and types of stolen data, as well as the types of malware that are used, are indicators of a state presence.

All comments to blog posts will be moderated by ACEC staff.