Naikon, Group Tied to China's Military, Deploys Debilitating New Cyberattack Tool

3 min read Original article ↗

Asia Pacific|China’s Military Is Tied to Debilitating New Cyberattack Tool

https://www.nytimes.com/2020/05/07/world/asia/china-hacking-military-aria.html

Advertisement

SKIP ADVERTISEMENT

You have a preview view of this article while we are checking your access. When we have confirmed access, the full article content will load.

An Israeli security company said the hacking software, called Aria-body, had been deployed against governments and state-owned companies in Australia and Southeast Asia.

Xi Jinping, China’s leader, seen on a screen at the World Internet Conference in Wuzhen, China, in October.Credit...Aly Song/Reuters

On the morning of Jan. 3, an email was sent from the Indonesian Embassy in Australia to a member of the premier of Western Australia’s staff who worked on health and ecological issues. Attached was a Word document that aroused no immediate suspicions, since the intended recipient knew the supposed sender.

The attachment contained an invisible cyberattack tool called Aria-body, which had never been detected before and had alarming new capabilities. Hackers who used it to remotely take over a computer could copy, delete or create files and carry out extensive searches of the device’s data, and the tool had new ways of covering its tracks to avoid detection.

Now a cybersecurity company in Israel has identified Aria-body as a weapon wielded by a group of hackers, called Naikon, that has previously been traced to the Chinese military. And it was used against far more targets than the office of Mark McGowan, the premier of Western Australia, according to the company, Check Point Software Technologies, which released a report on Thursday about the tool.

In the preceding months, Naikon had also used it to hack government agencies and state-owned technology companies in Indonesia, the Philippines, Vietnam, Myanmar and Brunei, according to Check Point, which said the attacks underscored the breadth and sophistication of China’s use of cyberespionage against its neighbors.

“The Naikon group has been running a longstanding operation, during which it has updated its new cyberweapon time and time again, built an extensive offensive infrastructure and worked to penetrate many governments across Asia and the Pacific,” said Lotem Finkelstein, head of the cyberthreat intelligence group at Check Point.

What made these attacks so alarming, according to Check Point and other experts on Chinese cyberespionage, was the intrusive capabilities of Aria-body, the group’s new tool.


Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.


Thank you for your patience while we verify access.

Already a subscriber? Log in.

Want all of The Times? Subscribe.

Related Content

Advertisement

SKIP ADVERTISEMENT