Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Vulnerabilities & Exploits » Australian cyber security agency accuses China-backed hacker group of stealing user data – ET CISO

Australian cyber security agency accuses China-backed hacker group of stealing user data – ET CISO

Australian cyber security agency accuses China-backed hacker group of stealing user data – ET CISO

https://etimg.etb2bimg.com/thumb/msid-111639830,imgsize-7046,width-1200,height=765,overlay-etciso/data-breaches/australian-cyber-security-agency-accuses-china-backed-hacker-group-of-stealing-user-data.jpg

<p>Australian cyber security agency accuses China-backed hacker group of stealing user data</p>
Australian cyber security agency accuses China-backed hacker group of stealing user data

Cybersecurity firms backed by the Chinese authorities have been accused of stealing passwords and usernames from unnamed Australian networks in 2022, the Australian Cyber Security Centre (ACSC) reported on Tuesday.

The investigation against the CCP-backed hacker group titled APT40 involved Australian Cyber Security Centre, the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), the German Federal Intelligence Service (BND) and Federal Office for the Protection of the Constitution (BfV), the Republic of Korea’s National Intelligence Service (NIIS) and NIS’ National Cyber Security Center, and Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and National Police Agency (NPA), calling them authoring agencies.

The ACSA claimed that APT40 had conducted several cyber security operations for the PRC Ministry of State Security (MSS).

ACSA also claimed that “The activity and techniques overlap with the groups tracked as Advanced Persistent Threat (APT) 40” quoting the inputs from leading cyber security agencies from the US, Britain, Canada, New Zealand, Japan, South Korea and Germany.

According to the Activity summary section of the report by ACSA APT40 has repeatedly targeted Australian networks as well as government and private sector networks in the region, and the threat they pose to our networks is ongoing.

The tradecraft described in this advisory is regularly observed against Australian networks. Additionally, APT40 possesses the capability to rapidly transform and adapt exploit proof-of-concept(s) (POCs) of new vulnerabilities and immediately utilise them against target networks possessing the infrastructure of the associated vulnerability.

APT40 regularly conducts reconnaissance against networks of interest, including networks in the authoring agencies’ countries, looking for opportunities to compromise its targets.

The same report also claimed that the Hacker group also prefers to exploit vulnerable, public-facing infrastructure, using techniques that require user interaction, it puts high priority on obtaining valid credentials to enable a range of follow-on activities using web shells.

The investigative report of the ACSC claimed that in August 2022, a confirmed malicious IP address believed to be connected with the cyber group had interacted with the organisation’s computer networks between at least July and August. The compromised device probably belonged to a small business or home user. (ANI)

  • Published On Jul 10, 2024 at 08:32 PM IST

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles


Scan to download App

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket