A relentless state-backed Chinese cyber-espionage operation began 2020 with one of its major hacking campaigns, although the coronavirus lockdown in China seemed to have affected the group’s output.
Widely thought to be linked to the Chinese government, the global operation by hacking group APT 41 attacked organizations in telecoms, manufacturing, healthcare, defense, higher education, pharmaceuticals, banking, media, oil and gas, chemicals, and government.
The group’s campaigns are often conducted in a bid to steal intellectual property, and there are some signs that the attacks are also used to carry out general spying and surveillance on target networks.
Business and technology disrupted by coronavirus
The spread of the coronavirus has disrupted almost all businesses and industries globally, with conferences cancelled and supply chains disturbed.
APT 41’s latest campaign began in January and continued through to March, and has been uncovered and detailed by researchers at cybersecurity company FireEye, who describe it as “one of the broadest campaigns by a Chinese espionage actor we have observed in recent years”.
The group’s latest hacking campaign attempted to exploit recently disclosed flaws in Citrix NetScaler, Cisco routers and Zoho ManageEngine Desktop Central.
“We did not observe APT41 activity at FireEye customers between February 2 and February 19, 2020. China initiated COVID-19 related quarantines in cities in Hubei province starting on January 23 and January 24, and rolled out quarantines to additional provinces starting between February 2 and February 10. While it is possible that this reduction in activity might be related to the COVID-19 quarantine measures in China, APT41 may have remained active in other ways, which we were unable to observe with FireEye telemetry,” the security company said.