World

China-linked hackers target military, government texts: FireEye Inc

Bloomberg Washington | Updated on November 01, 2019 Published on November 01, 2019

Representative image   -  istock.com/leolintang

In 2019 alone, it observed that eight attempts to target telecommunications entities by groups with suspected links to the Chinese government

A state-linked Chinese hacking group is using malware to steal SMS text messages from high-ranking military and government targets, according to cybersecurity company FireEye Inc.

The hacking technology, known as MESSAGETAP, allows China to efficiently steal data from multitudes of sources from one location, Steven Stone, FireEyes director of advanced practices, said in a statement. Espionage-related theft and intrusions have been long occurring, but what is new is the vast scale due to the use of this tool.

The company’s finding, released in a blog on Thursday, underscores the growing concerns about Chinas use of technology for espionage and the theft of intellectual property. Telecommunications pose a special concern, as the United States (US) seeks to persuade its allies not to build their next-generation networks with tools from Chinese companies such as Huawei Technologies Co.

But even in networks that China has not built, sophisticated hacking operations might allow access to data. In 2019 alone, FireEye observed eight attempts to target telecommunications entities by groups with suspected links to the Chinese government. Four of these hacking attempts were conducted by the group known as APT41 that is now using MESSAGETAP.

APT41 began state-sponsored cyber-espionage missions as well as financially motivated intrusions as early as 2012, FireEye said. But the cybersecurity company said it discovered the use of MESSAGETAP only this year while probing a hack of a telecommunications network provider.

During this intrusion, thousands of phone numbers were targeted, to include several high-ranking foreign individuals likely of interest to China, Stone said in the statement. Any SMS containing keywords from a pre-defined list such as the names of political leaders, military and intelligence organisations and political movements at odds with the Chinese government were also stolen.

Even though FireEye has detected the use of MESSAGETAP by China-linked hackers, it is difficult to defend against the malware. “There are virtually no actions that a user can take to protect these messages on their devices or even gain awareness to this activity,” FireEye said in the statement.

Published on November 01, 2019
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.