Chinese Hackers Target Japan & EU

Uploaded on 2024-11-19 in FREE TO VIEW

The Chinese threat actor known as MirrorFace has been seen targeting a diplomatic organisation in the European Union, marking the first time the hacking crew has targeted an entity outside the Asian region.

The leading Slovak cyber security company ESET described the event, saying that this is an expansion in the threat group’s range of targets which have historically been restricted to target organisations in Japan.

Although the identity of the target diplomatic organisation wasn’t disclosed, the lure document was attached to a spear-phishing email with a Japanese theme, encouraging the target to download a document promoting an EXPO Exhibition in Japan in 2025.

Attacks on Japanese organisation by Chinese threat  groups has benn increasing and ESET note that, even considering this new EU targeting, "MirrorFace remains focused on Japan and events related to it.” 

Earlier this year Japanese security agencies reported an expansion in activities linked to MirrorFace. While the hackers focused initially on gaining access to media, political organisations, think-tanks and universities in Japan, they were also including manufacturers and research institutions. In August, Japan’s national cyber security agency (NISC) disclosed that had itself been hacked, with the attackers potentially accessing sensitive data for nine months before being discovered.

Japan has not publicly attributed the incident to a specific threat actor, however, a report by the Financial Times  names three government and private sector sources familiar with the situation, saying that state-backed Chinese hackers were suspected of being behind the attack.

This follows a report by the Washington Post that the US National Security Agency discovered Chinese military hackers had damagingly compromised Japan’s defence networks in 2020.

 ESET     |     JPCERT     |     FT     |     Washington Post     |     The Hacker News  |  The Record      

Image:  Ideogram

You Might Also Read:

Japan’s Leading Companies Exposed To Ransomware:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Interpol Takes Down Cybercrime Network
Dealing With Cloud Security Challenges »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Itaccel

Itaccel

IT Accel began a decade ago as a band of technical recruiters who wanted to bring our experience and depth of knowledge to solving complex human resou

BakerHostetler

BakerHostetler

BakerHostetler is one of the largest law firms in the USA We have five core practice groups including a specialty practice team in Privacy and Data Protection.

Dome9

Dome9

Dome9 is a cloud firewall management service that stops vulnerabilities, secures remote access, and centralizes policy management.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

Synack

Synack

Synack provides a hacker-powered intelligence platform that uncovers security vulnerabilities that often remain undetected by traditional pen testers and scanners.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Digital Innovation Hub Slovenia (DIH)

Digital Innovation Hub Slovenia (DIH)

DIH Slovenia is a central hub providing services to grow digital competencies in areas including robotics, IoT, cyberphysical systems and cybersecurity.

Swiss Accreditation Service (SAS)

Swiss Accreditation Service (SAS)

SAS is the national accreditation body for Switzerland. The directory of members provides details of organisations offering certification services for ISO 27001.

Austrian Institute of Technology (AIT)

Austrian Institute of Technology (AIT)

AIT is Austria's largest research and technology organisation and a specialist in the key infrastructure issues of the future including data science and cybersecurity.

RevBits

RevBits

RevBits provides high-performance cybersecurity solutions including email security, endpoint security, deception technology and PAM solution to enterprise companies and public sector organizations.

RKVST

RKVST

RKVST is a powerful tool that builds trust in multi-party processes when it’s critical to have high assurance in data for confident decisions.

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

Board of Cyber

Board of Cyber

Board of Cyber offers Security Rating: a fast, non-intrusive, continuous, 100% automated solution to evaluate the cyber performance of an organization.

Illustria

Illustria

Illustria is your agent-less “watchdog” for all open source libraries. Our mission is becoming a dev-velocity company, enabled via cyber security.

Intraframe US

Intraframe US

Intraframe US is a cybersecurity company in Memphis, specializing in Digital Forensics Incident Response and Managed IT services. We provide SMBs with a 24/7 SOC for proactive Cyber Threat Management.