Introduction
APT 5 is a group of hackers sponsored by the Chinese government. It began in 2007 and consists of various subgroups with specific infrastructure and tactics. It has targeted and breached organizations in multiple industries. Its major focus is on telecommunications and technology organizations, with a special interest in satellite communication companies (Catalin, 2019). Its attacks are executed with the aid of malware referred to as LEOUNCIA. This malware, which has keylogging capabilities, is used when targeting telecommunication companies' executives, employees, and corporate networks.
What is their end goal? What type of victim do they tend to target?
The critical victims of APT 5 are regional telecommunication service providers, Asia-based employees of tech firms and various global telecommunications companies, military application technology, and high-tech manufacturers (Catalin, 2019). This can be observed in their attacks on Pulse Secure VPN and Fortinet servers, which they find through internet scanning and where they capitalize on vulnerabilities including CVE-2019-11510 for Pulse Secure and CVE-2018-13379 for Fortinet (Catalin, 2019). The vulnerabilities are used to steal files that store password information, alongside VPN session data, from affected servers. APT 5's primary goal is to aid the Chinese government in monitoring sensitive traffic and stealing user credentials.
How technologically savvy is the actor based on its tools and techniques?
They carry out their attacks using tools that give them entry into victims' networks to perform their objectives. One of these is LEOUNCIA. It is a powerful malware capable of taking complete control of infected machines, systems, and networks. Antivirus detection of it is very limited, and where it is detected, it is mainly by generic heuristics (Jeff, 2019). Thus, it can be effective in penetrating the target victim's networks and collecting the required information for the Chinese government. It uses HTTP to carry a custom obfuscated payload. Its obfuscation techniques are sophisticated, and it effectively hides from signature-based sensors (Jeff, 2019). Finally, since it offers a wide variety of features, it has excellent functionality for entering various target systems and retrieving the required information.
Does the actor favor one type of attack or exploit over others, etc.?
The actor has used LEOUNCIA malware to favor one type of attack. Such attacks target enterprise VPN servers belonging to telecommunication companies (Jeff, 2019). It is also used in the exploitation of outdated virtual private networks for espionage against international targets.
References
Atif, M. (2010). Retrieved from https://www.fireeye.com/blog/threat-research/2010/12/leouncia-yet-another-backdoor.html
Catalin, C. (2019). A Chinese APT is now going after Pulse Secure and Fortinet VPN servers. Retrieved from https://www.zdnet.com/article/a-chinese-apt-is-now-going-after-pulse-secure-and-fortinet-vpn-servers/
Jeff, S. (2019). APT groups are exploiting outdated VPNs to spy on international targets, U.K. and U.S. warn. Retrieved from https://www.cyberscoop.com/vpn-vulnerabilities-china-apt-palo-alto/
Cite this page
APT5: Chinese-Sponsored Hackers Targeting Global Organizations - Essay Sample. (2023, Apr 24). Retrieved from https://proessays.net/essays/apt5-chinese-sponsored-hackers-targeting-global-organizations-essay-sample