Cybersecurity firm Area 1 defends pointing finger at China over European cables hack

by chebbi abir

Chinese military hackers have used a persistent phishing campaign to steal thousands of European diplomatic cables on sensitive topics ranging from counterterrorism to technology exports, cybersecurity researchers charged Wednesday.

The years-long operation targeted over 100 organizations, including the United Nations and the AFL-CIO, according to Area 1, a California-based cybersecurity company.

The China’s People’s Liberation Army (PLA) was behind the effort, Area 1 said. The company did not list detailed forensic evidence linking the hack to the PLA, drawing criticism from other researchers as to why an attribution was made. But Area 1 defended its work, telling CyberScoop it had plenty of evidence of China’s role in the breach.

A spokesperson for the Chinese embassy in Washington, D.C., did not respond to a request for comment on the allegations. European Union officials said Wednesday that they were investigating the breach.

In an interview with CyberScoop, Area 1 co-founder Blake Darché said the company had solid evidence to attribute the activity to Chinese operatives, some of which was only released privately to Area 1 customers.

“We looked at IP addresses used, domain names registered by the attacker, and we were able to traces those pieces of information to certain geographic locations in China,” said Darché, a former National Security Agency official.

Juan Andres Guerrero-Saade, a researcher at Alphabet’s Chronicle, criticized what he called Area 1’s “unequivocal and unnuanced attribution statement” blaming the PLA for the hacking.

To read the original article :


Interdit de copier  ce contenu