Reuters-US Japan authorities warn of China-linked hacking group BlackTech
September 28, 2023 2 min 305 words
这篇报道揭示了一个严重的网络安全威胁,即与中国有关的黑客组织BlackTech。美国国家安全局、联邦调查局以及日本警方的联合警告表明了这一组织的威胁性质。这个黑客组织已经展示出了修改路由器固件且不被察觉的能力,并利用路由器的域信任关系,从国际子公司进一步攻击日本和美国总部,这是他们的主要目标。 报告还提到BlackTech自2010年左右开始对美国和东亚的政府和科技公司进行网络攻击。另外,2020年,台湾自主的安全机构报告了来自BlackTech和另一黑客组织Taidoor的网络攻击,指出这两者很可能得到了中国共产党的支持。随着美中之间围绕台湾等问题紧张关系的升级,美国安全官员对中国的网络攻击能力提出了更为警告的口气。 这篇报道突显了网络安全的重要性,尤其是跨国公司需要采取措施来保护其网络设备和数据免受潜在威胁。它还凸显了国际合作在解决网络威胁问题上的必要性,包括美国、日本以及澳大利亚、加拿大、新西兰和英国等国的合作。最后,这也提醒我们,网络攻击已成为国际政治和安全的关键议题,需要全球范围内的警觉和合作。
U.S. National Security Agency, Federal Bureau of Investigation and Japanese police jointly warned multinational companies of China-linked hacker group BlackTech in a cybersecurity advisory late on Wednesday.
The joint advisory, which also came from the U.S. Cybersecurity and Infrastructure Security Agency and its Japanese counterpart, urged firms to review the internet routers at their subsidiaries to minimise the risk of potential attack from the group.
"BlackTech has demonstrated capabilities in modifying router firmware without detection and exploiting routers’ domain-trust relationships to pivot from international subsidiaries to headquarters in Japan and the United States, which are the primary targets," the statement said.
BlackTech has been engaging in cyberattacks on governments and tech-sector companies in the United States and East Asia since around 2010, Japan's National Police Agency said in a separate statement.
In 2020, self-ruled Taiwan's security authority reported cyberattacks to some 6,000 government officials' email accounts from Blacktech and another hacking group Taidoor, saying both were likely backed by the Chinese Communist Party.
Amid heightening U.S.-China tensions over issues including Taiwan, U.S. security officials are raising the tone of their warnings against China's cyberattack capabilities. FBI chief Chris Wray earlier this month said China "has a bigger hacking program than every other major nation combined".
In May, cybersecurity authorities of Australia, Canada, New Zealand and the United Kingdom joined the U.S. agencies in issuing an advisory on China's "state-sponsored cyber actor".
Japan, a key U.S. ally in East Asia along with South Korea, was allegedly attacked by Chinese military hackers that gained access to its classified defence networks in 2020, the Washington Post said last month. The Pentagon said it was confident about sharing intelligence with Japan despite the report.