Multiple threat actors originating from China are targeting entities and businesses around the world. The attackers frequently target the government, education, political, military, financial, and critical infrastructure sectors to pilfer sensitive data.

APTs on ferocious attack spree

Several APT groups are actively targeting multiple government and private entities around the world. These APTs are believed to be directly or indirectly connected to the Chinese government.
  • Recently, several Japanese firms were targeted by APT40. A Japanese government spokesperson claimed that the Chinese government is believed to be behind the attacks.
  • A few days ago, a massive ongoing attack campaign targeted hundreds of victims in Southeast Asia. The campaign was operated by the LuminousMoth APT group, believed to be based in China.
  • Also, the U.S. DoJ unsealed charges against four Chinese nationals accused of hacking government agencies and universities around the world for Chinese interests.

What else?

A recent report by the NSA, CISA, and FBI describes more than 50 TTPs that Chinese hackers have used while targeting U.S. and allied networks.
  • Recently, the U.S. government accused the Chinese Ministry of State Security of sponsoring an aggressive cyberattack on Microsoft’s Exchange email systems that happened in March.
  • Moreover, the Government of Norway claimed that a cyberattack on its parliament's e-mail system, on March 10, was sponsored by the Chinese government.
  • In another report, Recorded Future accused a Chinese state-sponsored group of actively targeting telecommunications organizations based in the Philippines, Taiwan, and Nepal.


It is not the first time that China-affiliated hacker groups have targeted entities around the world. However, the frequency and aggression of these attacks have increased greatly. Organizations are therefore advised to stay vigilant and develop proactive defense measures.

Cyware Publisher