Home / Technology / Asian Hackers Breach 37 Nations' Gov Systems
Asian Hackers Breach 37 Nations' Gov Systems
5 Feb
Summary
- Asian cyber-espionage group targeted over 37 countries.
- Infiltrated 70 organizations, including five law enforcement agencies.
- Hackers used fake emails and unpatched flaws for access.
A sophisticated Asian cyber-espionage group has been actively breaching computer systems belonging to governments and critical infrastructure organizations across more than 37 nations over the past year. This state-aligned threat actor successfully infiltrated the networks of 70 organizations, including five national law enforcement and border control agencies. The group's targets also encompassed three ministries of finance and parliamentary bodies.
Researchers from Palo Alto Networks identified that the hackers employed highly-targeted fake emails and exploited known, unpatched security vulnerabilities to gain illicit access. Espionage appears to be the primary motivation, as the actors frequently sought sensitive data such as email communications and other confidential information. The operation's scope is considered unusually vast, with actors conducting digital reconnaissance globally.
Some of the group's activities have coincided with significant geopolitical events, suggesting a coordinated approach to information gathering. Notable instances include breaches targeting entities in Venezuela, the Czech Republic, and Brazil, occurring around key political and diplomatic happenings. The US Cybersecurity and Infrastructure Security Agency acknowledged awareness of the campaign and is collaborating to address the identified vulnerabilities.
