US firm uncovers Chinese espionage campaign 'Operation CuckooBees'
Wednesday, June 29, 2022
Operation CuckooBees research is the culmination of a 12-month investigation that highlights the intricate and extensive efforts of the Chinese state-sponsored Winnti Group (APT 41) to abscond with proprietary information from dozens of global organizations.

by WEB DESK
Jun 6, 2022, 05:11 pm IST
in World

Massachusetts [US]: A global cyber espionage campaign dubbed “Operation CuckooBees” has been uncovered, targeting manufacturers across North America, Europe and Asia in the Defense, Energy, Aerospace, Biotech and Pharma industries.

According to Boston-based company Cybereason, this is one of the largest IP theft campaigns of its kind coming from China.

Cybereason last month published new research on Operation CuckooBees, a 12-month investigation into Winnti Group’s global cyber espionage campaign targeting manufacturers across the world.

“Operation CuckooBees research is the culmination of a 12-month investigation that highlights the intricate and extensive efforts of the Chinese state-sponsored Winnti Group (APT 41) to abscond with proprietary information from dozens of global organizations. The most alarming revelation is that the companies weren’t aware they were breached, going some as far back as at least 2019, giving Winnti free unfiltered access to intellectual property, blueprints, sensitive diagrams and other proprietary data,” said Lior Div, Cybereason CEO and Co-founder.

During its investigation, Cybereason discovered that Winnti conducted Operation CuckooBees undetected since at least 2019, likely siphoning thousands of gigabytes of intellectual property and sensitive proprietary data from dozens of companies.

Cybereason published two reports, the first examining the tactics and techniques of the overall campaign, and the second providing a detailed analysis of the malware and exploits used.

Based on the analysis of the forensic artifacts, Cybereason estimates with medium-high confidence that the perpetrators of the attack are linked to the notorious Winnti APT group. This group has existed since at least 2010, is believed to be operating on behalf of Chinese state interests, and specializes in cyber espionage and intellectual property theft.

Other key findings include the discovery of a sophisticated and elusive cyber-espionage operation with the goal of stealing sensitive proprietary information from technology and manufacturing companies mainly in East Asia, Western Europe, and North America.

The reports expose a previously undocumented malware strain called DEPLOYLOG used by the Winnti APT group, and highlight new versions of known Winnti malware, including Spyder Loader, PRIVATELOG, and WINNKIT.

The reports include an analysis of the complex infection chain that led to the deployment of the WINNKIT rootkit composed of multiple interdependent components.

According to the report, the attackers implemented a delicate “house of cards” approach, where each component depends on the others to execute properly, making it very difficult to analyze each component separately.

“The security vulnerabilities that are most commonly found in campaigns such as Operation CuckooBees are exploited because of unpatched systems, insufficient network segmentation, unmanaged assets, forgotten accounts and lacking multi-factor authentication products. Although these vulnerabilities may seem easy to fix, day-to-day security is complex and it’s not always easy to implement mitigations at a grand scale. Defenders should follow MITRE and/or similar frameworks in order to make sure that they have the right visibility, detection and remediation capabilities in place to protect their most critical assets,” added Div. (ANI)

 
