China-based hacking group known as APT10 has launched spear-phishing cyber attacks on IT firms based in London. United Kingdom’s National Cyber Security Centre (NCSC) has confirmed this news and added that the aim of these cybercriminal gangs is to steal private data along with intellectual properties and use them as a proxy for future attacks.
The report, which is co-authored by cyber units of defense group BAE systems and accountancy firm PwC, has delineated the attack as one of the biggest ever sustained global espionage campaigns.
APT10 is active since 2014 but reportedly levitated up its attacks in late 2016 along with Russia’s Fancy Bear also known as APT28.
BBC reports that the spear phishing attack took place in three stages on IT companies of UK. In the first stage of the attack, emails containing hidden malware were sent to key staff of IT firms. Once the hacker won access they sought out intellectual property and other sensitive data. And then they either locked down the database or sold the info to the dark web.
NCSC recently discovered that APT10 could be a state-sponsored group, or could be a group providing lifeline info to the government authorities on financial and trade secrets.
Although the most number of attacks were launched on IT firms based in UK and Japan, companies in nations such as France, US, Canada, New Zealand, Sweden and Australia were also victimized.
As the intensity of attacks has increased in the cyberspace world, UK Government has put solid support around the nation by strengthening the combating skills of its newly funded National Cyber Security Centers against cyber security threats.
Note- NCSC is an organization in the United Kingdom which was formed in October 2016 and provides the advice and support for the public and private sector in how to avoid cyber attacks.