
South China Sea nations subjected to prolonged China-linked attacks


Novel Chinese hacking operation Unfading Sea Haze has compromised at least eight government and military organizations across the South China Sea — where China has territorial claims against Indonesia, Malaysia, Taiwan, Vietnam, and the Philippines — as part of a cyberespionage campaign that began nearly five years ago, according to The Record, a news site by cybersecurity firm Recorded Future.

Attackers gained initial network access through spearphishing emails with malicious attachments that facilitated backdoor deployment on targeted systems, a report from Bitdefender showed. Unfading Sea Haze then used other tools to hijack admin accounts and further expand network access before distributing stealthy information-stealing malware, researchers said.

The findings come amid a Mandiant report detailing Chinese hackers' use of a proxy army dubbed "ORB networks," which Mandiant Principal Analyst Michael Riggi regarded as a major Chinese cyberespionage innovation.

"[ORBs are] like a maze that is continually reconfiguring with the entrance and the exit disappearing from the maze every 60-90 days," said Riggi.
