Title: U.S., Japanese Authorities Issue Warning on China-Linked Hacker Group BlackTech
Date: September 28, 2022
In an advisory released on Wednesday, the U.S. National Security Agency, Federal Bureau of Investigation (FBI), and Japanese police have jointly warned multinational companies about the activities of the China-linked hacker group BlackTech. The advisory, which was also supported by the U.S. Cybersecurity and Infrastructure Security Agency and its Japanese counterpart, highlights the need for companies to review their internet routers at subsidiaries to minimize the risk of potential attacks from the group.
According to the statement, BlackTech has displayed advanced capabilities in modifying router firmware without detection and leveraging routers’ domain-trust relationships to move from international subsidiaries to the headquarters located in Japan and the United States, which are their primary targets.
The Japan’s National Police Agency issued a separate statement, revealing that BlackTech has been involved in cyberattacks targeting governments and tech-sector companies in the United States and East Asia since around 2010. These findings align with the earlier reports from Taiwan’s security authority in 2020, which indicated cyberattacks on approximately 6,000 government officials’ email accounts. Both BlackTech and another hacking group called Taidoor were reportedly backed by the Chinese Communist Party.
The warning comes at a time when tensions between the United States and China have been escalating, with a particular focus on issues such as Taiwan. U.S. security officials have increasingly emphasized China’s cyberattack capabilities, with FBI Chief Chris Wray stating earlier this month that China possesses a larger hacking program than all other major nations combined.
This advisory is not an isolated event. In May, the cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom joined U.S. agencies in warning about China’s “state-sponsored cyber actor.” Additionally, last month, The Washington Post reported that Chinese military hackers had gained access to Japan’s classified defense networks in 2020. Despite the report, the Pentagon expressed confidence in sharing intelligence with Japan.
The joint advisory serves as a reminder to multinational companies to bolster their cybersecurity measures, particularly in relation to internet routers. It highlights the ongoing threat posed by BlackTech and raises concerns about the potential vulnerabilities in subsidiary networks that could be exploited to gain unauthorized access to headquarters in Japan and the United States.
With cybersecurity becoming an increasingly critical issue, governments and organizations worldwide must remain vigilant in their efforts to protect sensitive information and secure their digital infrastructures.
Reporting by Kantaro Komiya; Editing by Michael Perry
Source: Reuters