Powered by MOMENTUM MEDIA
Powered by MOMENTUM MEDIA

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

Chinese hackers target swathe of French organisations, French cyber agency raises security alarm

The French National Agency for the Security of Information Systems (ANSSI) announced that the organisation is combating a large scale attack co-ordinated by Chinese government sponsored hacking groups, launched via infected routers.

The French National Agency for the Security of Information Systems (ANSSI) announced that the organisation is combating a large scale attack co-ordinated by Chinese government sponsored hacking groups, launched via infected routers.

The revelations have prompted the cyber agency to release a guide to help companies determine whether or not they were the targets of the incursion.

Advertisement
Advertisement

According to cyber security sources, the alleged group behind the incursion is Chinese government backed APT31. APT31 has also been dubbed Zirconium and Judgement Panda.

"ANSSI is currently handling a large intrusion campaign impacting numerous French entities. Attacks are still ongoing and are led by an intrusion set publicly referred as APT31," the agency said in a release.

"It appears from our investigations that the threat actor uses a network of compromised home routers as operational relay boxes in order to perform stealth reconnaissance as well as attacks."

According to FireEye, APT31 has targeted myriad industries, such as “government, international financial organisation, and aerospace and defence organisations, as well as high-tech, construction and engineering, telecommunications, media, and insurance”.

The group has utilised SOGU, LUCKYBIRD, SLOWGYRO and DUCKFAT malware, and exploits Java and Adobe Flash to target victims.

The revelation of the attack comes shortly after the global condemnation of state sanctioned and state sponsored hacking efforts from China.

“Today, the Australian government joins international partners in expressing serious concerns about malicious cyber activities by China's Ministry of State Security,” a joint release from Minister for Foreign Affairs Marise Payne, Minister for Home Affairs Karen Andrews and Minister for Defence Peter Dutton read.

“In consultation with our partners, the Australian government has determined that China's Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide, including in Australia. These actions have undermined international stability and security by opening the door to a range of other actors, including cyber criminals, who continue to exploit this vulnerability for illicit gain.

“The Australian government is also seriously concerned about reports from our international partners that China's Ministry of State Security is engaging contract hackers who have carried out cyber-enabled intellectual property theft for personal gain and to provide commercial advantage to the Chinese government.”

In March this year, it was revealed that the APT31 hacking group was behind a 2020 attack on the Finnish Parliament.

“Last year, the Security Police has identified a state cyber espionage operation against Parliament, which tried to infiltrate Parliament’s information systems. According to intelligence from the Security Police, this was the so-called APT31 operation,” the Finnish government released.

[Related: Australia joins chorus of democracies condemning China’s global cyber attacks] 

Chinese hackers target swathe of French organisations, French cyber agency raises security alarm
tech-one-Cyber-Security-Capabilities_737c.jpg
lawyersweekly logo

more from cyber security connect

NDAA bolsters cyber security spending
09:00
NDAA bolsters cyber security spending
The United States’ Senate Armed Services Committee has approved the National Defense Authorisation...
07:00
Rethinking cyber security strategies to secure Australia’s remote workforce
Rick McElroy, the principal cyber security strategist at VMware, offers insights into how organisati...
Jul 27 2021
Cyber security firm archTIS announces record breaking quarter
The ASX-listed cyber security company confirmed that the June quarter was the company’s best perf...