Chinese hackers are interested in anti-missile systems deployed in South Korea

According to the recent investigation conducted by the security company FireEye, Chinese hackers are trying to infiltrate at least one South Korean organisation connected to the deployment of the Terminal High Altitude Area Defense (THAAD) missile system. As John Hultquist, the FireEye director of cyber-espionage analysis, stated in an interview with the Wall Street Journal published on 21 April, the attacks to the systems linked to the implementation of THAAD were registered from at least two Chinese APTs (Tonto and APT10).

The first of the groups is supposedly tied to China’s military and operates from the Northeastern Chinese city of Shenyang, which is also known for North Korean hacker activities. As FireEye believes, the latter group, known as APT10, is also linked to some of Chinese military or intelligence units. This information is corresponding with the fact that China is strongly opposing South Korean THAAD deployment. The cyber attacks were realized by a phishing technique via e-mails with weaponized attachments, to which at least one person fell victim. FireEye was, however, able to profile the attackers and monitor their activities.

About author: Roman Šulc


Tento web používá k analýze návštěvnosti soubory cookie. Používáním tohoto webu s tím souhlasíte. Další informace