U.S. Issues Alert About Malware Used by Chinese Government
The U.S. government issued an alert Monday that a type of malware seen frequently by security researchers in the last decade is tied to the Chinese government, the latest in a series of American warnings about China’s cyber capabilities this summer.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation, and the Department of Defense “identified a malware variant used by Chinese government cyber-actors, which is known as Taidoor,” according to the alert. The purpose of the alert, which contained no information about the prevalence of the malware or who has been targeted, is to “enable network defense and reduce exposure to Chinese government malicious cyber-activity.”
While this type of malware has been used since 2008, the Chinese government continues to leverage it in ongoing espionage to gain intelligence, according to a U.S. Cyber Command official, who requested anonymity as is the agency’s policy.
The cybersecurity firms FireEye Inc. and CrowdStrike have seen Taidoor malware used by multiple China-based groups targeting the U.S. and Asia but have observed a recent decline in its use.
In the past, the malware has hit sectors including law, nuclear power, airlines, engineering, defense industrial base, technology, government and aerospace, according to the cybersecurity firms. It’s commonly sent in spearphishing attacks and used to gain access to systems, said Ben Read, a senior manager of analysis at FireEye.
The government’s decision to publicly connect Taidoor to China comes as President Donald Trump plans to order China’s ByteDance Ltd. to divest its ownership of the music-video app TikTok amid a U.S. investigation of potential national security risks. In May, the U.S. warned organizations researching coronavirus of “likely targeting and attempted network compromise” by China.
- Poll: Consumers OK with AI in P/C Insurance, but Not So Much for Claims and Underwriting
- Johnson Controls Unit to Pay $750M to Settle ‘Forever Chemicals’ Lawsuit
- Property Restoration Industry: A Culture in Need of Repair?
- Report: Vehicle Complexity, Labor ‘Reshaping’ Auto Insurance and Collision Repair
- Ship Owner in Bridge Collapse Seeks to Limit Its Liability
- Mother of 8-Year-Old ‘Violently Sucked’ into Houston Hotel Pool Files Wrongful Death Suit
- Poll: Consumers OK with AI in P/C Insurance, but Not So Much for Claims and Underwriting
- Dog-Related Injury Claim Payouts Hit $1.12B in 2023, Report Shows