Hackers Hit Sensitive Targets in 37 Nations in Vast Spying Plot

(Bloomberg) — An Asian cyber-espionage group has spent the past year breaking into computer systems belonging to governments and critical infrastructure organizations in more than 37 countries, according to the cybersecurity firm Palo Alto Networks, Inc.

Financial Post

The state-aligned attackers have infiltrated networks of 70 organizations, including five national law enforcement and border control agencies, according to a new research report from the company. They have also breached three ministries of finance, one country’s parliament and a senior elected official in another, the report states. The Santa Clara, California-based firm declined to identify the hackers’ country of origin.

The spying operation was unusually vast and allowed the hackers to hoover up sensitive information in apparent coordination with geopolitical events, such as diplomatic missions, trade negotiations, political unrest and military actions, according to the report. 

They used that access to spy on emails, financial dealings and communications about military and police operations, the report states. The hackers also stole information about diplomatic issues, lurking undetected in some systems for months.

“They use highly-targeted and tailored fake emails and known, unpatched security flaws to gain access to these networks,” said Pete Renals, director of national security programs with Unit 42, the threat intelligence division of Palo Alto Networks. “Espionage appears to be the main motivation behind these attacks as the actors frequently seek access to email communications and other sensitive data.”

The US Cybersecurity and Infrastructure Security Agency said it was aware of the campaign. The agency is working with its partners to stop hackers from exploiting any of the vulnerabilities identified in the report, said Nick Andersen, CISA’s executive assistant director for cybersecurity.

Representatives of the FBI and CIA declined to comment. The NSA didn’t respond to a request for comment.

Palo Alto Networks researchers confirmed that the group successfully accessed and exfiltrated sensitive data from some victims’ email servers. The company said it notified the victims and offered them assistance. It also identified some of them in its report, an unusual step for a cybersecurity firm.

Some of the hackers’ actions coincided with issues and events of particular import to the government of China.

One suspected breach came the day after US military and law enforcement captured the Venezuelan leader Nicolas Maduro.

As early as January 4, the hackers “likely compromised” a device associated with a facility operated by Venezolana de Industria Tecnológica, an organization founded as a joint venture between Venezuela’s government and an Asian tech firm, according to the report. Venezolana de Industria Tecnológica didn’t respond to an email seeking comment.

Another hacking campaign targeted government entities in the Czech Republic.

In July 2025, Czech President Petr Pavel met with the Dalai Lama. In the following weeks, the hackers conducted reconnaissance on Czech government targets including the Army, police, Parliament and Ministry of Foreign Affairs, according to the report.
