Dell Secureworks has identified a Chinese hacking group targeting various websites belonging to high-profile targets that include defense manufacturers in the US and the UK.
The Chinese hacking group identified as Emissary Panda also identified as Threat Group 3390 has set-up various global traps to siphon off data from the websites.
The group has been tracking for two years as it targeted more than 100 organizations, about half from the US and UK.
“The targets included the usual sectors, including electronics, automotive, oil and gas, pharma, defense, law, with a number of attacks on the sort of educational and political organizations that seem to fascinate Chinese cybercriminals or their paymasters,” Computerworld Magazine reported Wednesday.
In a report by Dell Secureworks, Emissary Panda uses strategic web compromises to infect very specific targets, including embassies spanning Africa, Europe and Asia and non-governmental organizations focused on international relations and defense.
Government targets, large manufacturing companies and energy firms have also been infected with a number of tools designed to steal information.
“The Emissary Panda hackers are choosy about what they steal, typically doing a directory dump of everything they access before coming back for only small bits of any trove. They often ignore interesting documents in favor of very specific ones, he believes because their ultimate customer for the data has very targeted interests,” Dell SecureWorks researcher Aaron Hackworth was quoted as saying by the magazine.
According to the report, there are a number of reasons why China has been identified as the origin of the cyber group. The hackers use the Baidu search engine when doing target reconnaissance, the types of targets reflect Chinese interests and the group's activities all coincide with standard working times in China, Dell said.
Relations between the US and China are becoming increasingly strained after recent cyber-attacks against the US Office of Personnel Management and United Airlines.
US intelligence agencies are currently holding classified meetings to discuss retaliation options, while China has consistently denied involvement.