Home Resources Blog China-Based Cyber Espionage Campaign Targets Satellite, Telecom, Defense Firms

China-Based Cyber Espionage Campaign Targets Satellite, Telecom, Defense Firms

Admin Globaldots
26.06.2018
image 1 Min read

Threat group Thrip is using three computers based in China to steal data from targeted companies in Southeast Asia and the US, Symantec says.

An advanced persistent threat group that is believed to be operating out of China is conducting a wide-ranging cyber espionage campaign targeting satellite, telecommunications, and defense organizations mostly in Southeast Asia and the United States.

Security vendor Symantec, which uncovered the campaign, says what’s most worrying about the activity of the so-called Thrip group is its apparent interest in the operational networks of some of its victims. That suggests the attack group’s motives may extend beyond spying to actual service disruption as well, the security vendor says.

Symantec has been tracking Thrip since 2013 and believes the latest campaign began sometime in 2017. The security vendor stumbled upon the activity when it observed someone using Microsoft’s PsExec tool to move laterally on the network of a large telecom operator in Southeast Asia. Symantec’s investigation of the activity led to the discovery of a malicious tool previously associated with Thrip called Rikamanu being used in the attack. Symantec subsequently discovered three computers based in China being used in the Thrip attacks.

Image Source

Read more: Dark Reading

Learn More

Streamline Your Alert Management with Groupings
Monitoring, Logging & Observability
Admin Globaldots 02.02.23

Alerting is crucial for avoiding outages, not just responding to them. That’s why GlobalDots is adopting an innovation that revolutionizes the way alerts are processed, enabling teams to achieve their goals proactively and resolve issues quickly. Handling alerts on a large scale can be difficult, especially when dealing with hundreds or even thousands of alerts. […]

Read more
You’ll Need Zero Trust, But You Won’t Get It with a VPN
SD-WAN and SASE
Admin Globaldots 12.01.23

Properly implemented, a zero trust architecture provides much more granular and effective security than legacy security models. However, this is only true if a zero trust initiative is supported with the right tools. Legacy solutions, such as virtual private networks (VPNs), lack the capabilities necessary to implement a zero trust security strategy. Zero Trust Security is […]

Read more
4 Ways Where Remote Access VPNs Fall Short
SD-WAN and SASE
Admin Globaldots 09.01.23

The Global Content Delivery Network (CDN) market is expected to grow by $42.4 billion between now and 2032.

Read more
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo