Chinese Group Carried out Widespread Cyber Espionage Campaign in Israel
United States cybersecurity firm FireEye said a Chinese group has waged a widespread espionage campaign against Israeli entities.
The attacks targeted Israeli government institutions, IT providers, and telecommunications firms in multiple, concurrent operations starting in January of 2019.
The hackers carried out data harvesting and reconnaissance, likely motivated by financial, technological, and business interests. FireEye did not report Chinese government involvement but said the targets coincided with Beijing’s interests.
During the same campaign against Israel, the group attacked targets in Iran, the United Arab Emirates and Kazakhstan, and may have sought to ascribe the attacks to Iran.
FireEye first detected the Chinese espionage group, called UNC215, making the intrusions by exploiting a Microsoft SharePoint vulnerability in early 2019. The group used its custom malware tools, called FOCUSFJORD and HYPERBRO, during the attacks.
After breaking into a system, the group stole large numbers of users’ credentials and carried out internal network reconnaissance. The group’s HYPERBRO malware was used for information collection, such as screen captures and keylogging.
Israel has been caught between China and the US in recent years, as the two rivals seek to wield global influence while Jerusalem tries to maintain friendly relations and trade ties. China has also bid for or been involved with, Israeli tunnel construction, railways, desalination plants, agriculture projects, and 5G network infrastructure.
Israel has been working for years to expand trade with China, one of the world’s largest markets.
(TOI / VFI News)
“God, we ask You to protect Your children from physical, emotional, and virtual attacks.”