A hacker group “likely” backed by the Chinese regime has focused on non-governmental organizations (NGOs) working on issues relevant to the country for up to five years, according to a recent report.
The group targeted “multiple” NGOs over a period of several months or even years, the report stated, adding that the organizations all “conduct research on issues relevant to” China.
Bronze President also collected login credentials for the NGOs’ social media and email accounts, Secureworks stated.
The report concluded that the group is “highly likely” to be based in mainland China.
“It is likely that Bronze President is sponsored or at least tolerated by the PRC [People’s Republic of China] government. The threat group’s systemic long-term targeting of NGO and political networks does not align with patriotic or criminal threat groups,” it added.
In addition to NGOs, the reported noted that the group also targeted political and law enforcement organizations in countries near China, such as Mongolia and India, revealing the group’s “likely intent to conduct political espionage in other countries.”
Among the targets were national security and humanitarian organizations in East, South, and Southeast Asia, it stated.
“I think the Chinese government will try and gather information around those kinds of events,” McLellan told the outlet.
“It will want to understand how opponents are thinking, how regional partners might be thinking and one of the ways they will do that is go out and try to gather information through means such as cyber attacks. ... I think there’s every chance those kind of real world events are all tied up with the same campaign that we’ve seen here.”
The report comes weeks after Dutch cybersecurity firm Fox-IT found that a hacking group linked to the Chinese regime has resumed global attacks, stealing data from companies and government agencies.According to Fox-IT, the group called APT20, after laying dormant, for the past two years has been targeting government entities and companies in 10 countries, including the United States. The businesses are in a wide variety of industries, including aviation, finance, health care, energy, insurance, gambling, and construction.
The hacker group, also known as Violin Panda, is “likely working to support the interests of the Chinese government and are tasked with obtaining information for espionage purposes,” the report stated.