Digital warfare escalates with a trade war and as Trump attempts to balance the US trade deficit with China.
***Article first published by 'Info Wars' on June 20, 2018***
Suspected Chinese hackers are targeting companies involved with satellite communications and geospatial imaging.
According to U.S. cybersecurity firm Symantec, the hacking group, referred to as “Thrip,” has set its sights on “those in the communications, geospatial imaging, and defense sectors” in the United States and Southeast Asia.
Symantec warned that Thrip’s behavior appeared to be more than simple espionage due to the hackers’ heavy focus on computers linked to satellites.
“Perhaps the most worrying discovery we made was that Thrip had targeted a satellite communications operator,” Symantec’s Security Response Attack Investigation Team writes. “The attack group seemed to be particularly interested in the operational side of the company, looking for and infecting computers running software that monitors and controls satellites.”
Thrip’s behavior, Symantec says, suggests their motives could go “beyond spying and may also include disruption.”
The hackers also targeted an organization working on geospatial imaging and mapping in a similar fashion, taking interest in the company’s operational side.
“It targeted computers running MapXtreme GIS (Geographic Information System) software which is used for tasks such as developing custom geospatial applications or integrating location-based data into other applications,” Symantec said. “It also targeted machines running Google Earth Server and Garmin imaging software.”
The other targets included three telecommunications operators in Southeast Aaia as well as a defense contractor.
Symantec says it began monitoring Thrip in 2013 after tracing a digital spying campaign back to China. The firm says the latest attacks were similarly linked to three computer in China.
Thrip’s latest attacks were discovered earlier this year after Symantec says its artificial intelligence-based Targeted Attack Analytics system alerted them to the incident.
“From the initial alert triggered by TAA, we were able to follow a trail that eventually enabled us to see the bigger picture of a cyber espionage campaign originating from computers within China and targeting multiple organizations in the U.S. and Southeast Asia,” Symantec writes. “Espionage is the group’s likely motive but given its interest in compromising operational systems, it could also adopt a more aggressive, disruptive stance should it choose to do so.”