BlackBerry has published research that exposes how five cyberespionage groups believed to be aligned with the communist Chinese government were able to operate undetected for years.
“This research paints a picture of an espionage effort targeting the very backbone of large organizations’ network infrastructure that is more systemic than has been previously acknowledged,” said John McClurg, Chief Information Security Officer at BlackBerry, in a news release.
The 46-page report, titled “Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android,” reveals an organized effort to target Linux operating systems for the purpose of economic, financial and political espionage.
“Behind the scenes at government agencies, universities, and corporations around the world, you’ll find Linux on servers that house sensitive data as well as those that keep critical systems up and running,” the report states.
BlackBerry was able to identify five Advanced Persistent Threat (APT) groups that were sharing hacking software and working together for nearly a decade. According to BlackBerry, at least one of the groups is strongly linked to China’s Ministry of State Security.
“Their targets run the gamut of nearly all verticals, and activities range from simple cybercrime to full-blown economic espionage, and from internal monitoring of politically dissenting populations to more traditional military and strategic nation-state espionage. These groups’ collective palette is wide and well-developed, touching nearly every industry sector across a huge geographic area,” reads the report.
China’s espionage and interference extend beyond the cyber world. A 2020 report by the National Intelligence and Security Committee (NISC) warned that the Chinese government has been trying to subvert Canada from within.
According to the NISC, Chinese interference has targeted elected officials, elections, universities and the media in an effort to influence Canada to meet China’s objectives.
“The threat is real, if often hidden. The perpetrators have become more brazen and their activities more entrenched,” states the report.
“Canada has been slow to react to the threat of foreign interference.”
As reported by True North, a Chinese cyberespionage actor attacked Canada and other nations in the “broadest campaign” of recent years, according to US cybersecurity firm FireEye.
The group targeted 75 different entities in a wide array of fields including government, healthcare, defence, media and banking.