European Cyber Agencies Warn Espionage Threat From CCP

According to foreign media reports on February 17th, The European Union Agency for Cybersecurity and CERT-EU disclosed six APT groups under the Chinese state are targeting European networks and organizations that are of strategic importance. They are APT 27, APT 30, APT 31, Ke3chang, Gallium and Mustang Panda. In the report, after EU denounced a flurry of Chinese hacking and called on the Chinese regime to tamp down malicious cyber activities, in July 2022, Belgium’s ministries of interior and defense was under cyber attacks, which attributed to to APT 27, APT 30 and APT 31, UNC 2814, Gallium and Softcell. And in March 2022, TA416 – a CCP APT group known for targeting victims in the civil society sector, hacked European diplomats. Before each attack, threat actors authorized by the CCP normally conduct extensive reconnaissance activities. For instance, APT 31 uses a botnet consisting of compromised small office routing devices to contact the victims anonymously. Once the threat actors have identified their victims, the groups send “well-crafted phishing lures,” then they exploit vulnerabilities to gain initial access on the victim’s networks. These cyber threats are highly likely part of the retaliations of the Chinese regime after many European counties toughened up their attitude towards Beijing due to it’s support for Russia and persecution of Uyghur Muslims and people of other Muslim ethnicities.