NHK, a Japan-based news resource, has published that a cyber attack launched by a hacking group linked to Chinese military targeted nearly 200 research firms and institutions from Japan.
The report includes the fact that China was taking servers on rent in Japan in the name of IT development and was indulging in disruption tactics by launching state funded digital attacks on critical infrastructure.
Law enforcement agencies have discovered that the servers were taken on lease by the China Communist Party and were actually using them to launch cyber attacks.
And the highlight of the discovery is that the attack vector has been active since 2016 and the first company to become a victim was the Japanese Space Agency JAXA.
TICK, a hacking group funded by People’s Liberation Army is said to be involved in the attack and is reported to be active since 2009. Its prime targets have so far been government agencies and research institutes operating in Japan”, says John Hultquist, Vice President of Intelligence Analysis, NHK Japan.
FireEye Director Ben Reed supported the analysis of the Japanese Public Broadcaster and stated that TICK’s aim was to focus on companies that were operating in Asia-Pacific region and its main aim was to steal sensitive intellectual property from organizations involved in defense, heavy industry, aerospace technology, banking, healthcare and automotive sectors.
In Feb’2021 TICK was also involved in the infiltration of a corporate network that was possible by exploiting vulnerability in Microsoft’s Exchange Server flaw.