A “cyber espionage” group from China disguised itself as Iranian hackers and managed to invade Israeli government institutions online, according to a new report by security researchers.
A report by security company FireEye, which revealed the group along with the Israeli defense services, states that there is insufficient evidence to link the spy group to the Chinese state.
However, the company’s “threat analysts” are convinced that the spy team is Chinese and that its targets “are of great interest to Beijing’s economic, diplomatic and strategic targets.”
The hackers’ attempt to conceal their nationality was “a bit unusual,” according to Jens Monrad, who heads FireEye’s Mande threat intelligence division at EMEA.
“We have historically seen some false flag attempts. We saw one during the Olympic Games in South Korea,” he told Sky News, referring to Russian hackers pretending to be Chinese and North Koreans.
“There can be several reasons why a threat agent wants to make a false flag – it obviously makes the analysis a little more complicated,” Mr Monrad told Sky News.
The report focused on cyber espionage targeting Israeli government agencies, IT providers and telecommunications entities, but the group had also tried to hack into computer networks in the UAE and elsewhere.
Mr Monrad said the attempt to hide the identity of the hackers “was not very clever” but slowed down the company’s analysis of the incidents, which he added may have been the target.
The Chinese team tried to use Farsi in parts of the code that could be recovered by incident teams, and also used “piracy” tools related to Iranian groups that had previously leaked to the internet.
However, linguistic analysts at FireEye said the terms chosen by the group would not have been used by Farsi native speakers.
Follow Skai.gr on Google News
and be the first to know all the news
.
