Chinese Hacker Groups Shift Focus To India

Uploaded on 2017-12-29 in NEWS-News Analysis, INTELLIGENCE--International, FREE TO VIEW

Chinese advanced persistent threat (APT) groups that have allegedly been creating cyber havoc internationally will shift their focus in 2018 to countries like India and Hong Kong and groups seen as a threat to Beijing's influence over global markets. 

"For Indian enterprises, one of the most important security questions is, do you know who is targeting you and how they operate? The threat landscape looks very different depending on the nature of your business, the data you hold, your relationships, and more," Shrikant Shitole, Senior Director and Country Head for India at FireEye, told news agency IANS.

"Organisations cannot effectively measure their security by compliance standards or vis-a-vis their peers. They must measure it against their adversaries. Can they detect and defend the attacks their adversaries are likely to employ? Most firms are not as secure as they would like to believe." 

For the government and private sector alike, the FireEye executive said, it's important we shore up defences to avoid a situation like Russia's meddling in the recent US presidential election.

"The threat actor activity which facilitates these operations often takes place well before election day, and as we saw in the US, targets can be very diverse. The unfortunate reality today is this is threat with which all democracies must contend," Mr Shitole noted.

In the Indo-Pacific region, FireEye said, China and neighbouring countries are still continuing political disputes, especially with India, South Korea, Japan, the Philippines, Vietnam and other South-east Asian countries.

"Therefore, unorganised 'hacktivism' attacks as a response to these political tensions within and against these countries is expected to continue and possibly rise throughout the new year," the company warned.

According to FireEye, it observed an increase in non-Chinese and non-Russian APT groups in 2017 and expects to discover more in 2018.

"Recently we did a report on APT33, a threat group out of Iran. They're primarily targeting the kingdom of Saudi Arabia, the United States, and Israel. Those nations tend to pop up on Iran's radar when it comes to targeting. It's game on for them," Kevin Mandia, CEO, FireEye, said in a statement.

Ransomware is expected to rise in 2018

Other popular techniques that will continue to be used in 2018 are strategic web compromises and spear phishing, especially in targeted attacks. We also expect to see many more destructive worms and wipers. However, adoption of Cloud technology will increase in 2018, among businesses.

"You have to be ready for even the most seemingly simple threats, and you have to detect them, because I don't believe we're going to be able to do security risk transfer to have the Cloud providers detect it.” Mr Mandia said.

"They can't tell you how your users normally use their email. They just try to make it available to your users. So, we're going to have a lot of interesting challenges and complexities there," he added.

Meanwhile, as cryptocurrency continues to skyrocket in value and popularity, malware targeting anonymous currencies such as bitcoin will increase.

"Moving into 2018, we expect to see much more malware actively stealing cryptocurrency from weakly protected wallets, shimming password entry to wallets, stealing offline wallets for brute forcing or using credentials stolen from the same user," the firm said.

NDTV

You Might Also Read: 

The Differences Between Targeted Attacks and Advanced Persistent Threats:

Cybersecurity Skills Gap in India:

Three Pronged Attack: Chinese Military In Cyberwarfare Buildup:


 

« Intelligent & Autonomous Security Robots
Snowden’s Haven - A New Surveillance App »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

National Cyber Security Centre (NCSC) - Netherlands

National Cyber Security Centre (NCSC) - Netherlands

NCSC Netherlands coordinates enhancing the cyber resilience of the Netherlands in the digital domain.

National Defense Industry Association (NDIA)

National Defense Industry Association (NDIA)

The National Defense Industrial Association Cyber Division contributes to US national security by promoting interaction between the cyber defense industry, government and military.

Think Cyber Security (ThinkCyber)

Think Cyber Security (ThinkCyber)

ThinkCyber is a Tel Aviv-based Israeli company with a team of cybersecurity professionals who are experts in both information and operations technology.

Aujas Cybersecurity

Aujas Cybersecurity

Aujas has deep expertise and capabilities in Identity and Access Management, Risk Advisory, Security Verification, Security Engineering, & Managed Detection and Response services.

Fugue

Fugue

Fugue ensures cloud infrastructure stays in continuous compliance with enterprise security policies.

ITRenew

ITRenew

ITRenew is a leading global IT lifecycle management solutions company, specializing in onsite data center decommissioning and data erasure services.

Wipe-Global

Wipe-Global

Wipe-Global is specialized in data erasure with an international established service partner network.

Secberus

Secberus

SECBERUS creates cloud security technology to help organizations stay secure & compliant in the public cloud.

Cohesity

Cohesity

Cohesity radically simplifies the way businesses back up, manage, protect, and extract value from their data—in the data center, at the edge, and in the cloud.

Quantifind

Quantifind

Quantifind enables financial crimes/fraud analysts and investigators to make better decisions, faster, with intelligent automation.

The ATOM Group

The ATOM Group

ATOM builds and secures technology for regulated industries. We design and build for a future we can all trust.

TWC IT Solutions

TWC IT Solutions

Since 2011, TWC IT Solutions has offered managed IT Support, Cybersecurity, Disaster Recovery, Contact Centre and Business Connectivity services to clients across 24 countries globally.

Netgo

Netgo

Netgo group meet the requirements of a complex, digitized world with IT consulting, IT solutions & services, managed & cloud services and software products & development.

PhishProtection

PhishProtection

We created Phish Protection to prevent all types of phishing including spear phishing protection and office 365 email protection for your small business.

ArmorPoint

ArmorPoint

ArmorPoint redefines the traditional approach to cybersecurity by combining network operations, security operations, and SIEM technology in one platform.

Collabera Digital

Collabera Digital

Collabera Digital engineer the next generation of solutions that power tech-forward organizations and create an impact on people and communities.