Chinese hackers targeting satellite and defense firms, researchers find

Symantec said it first noticed the campaign in January, although it has been monitoring the hacking group it dubbed "Thrip" since 2013.

Reading Time:2 minutes

The sophisticated attack, which relied on custom malware as well as more commonly used hacker tools, originated from computers inside China, according to Symantec. Photo: Getty Images

Published: 10:47am, 20 Jun 2018Updated: 10:47am, 20 Jun 2018

This story is being published by the South China Morning Post as part of a content partnership with POLITICO. It was reported by Tim Starks and originally appeared on politico.com on June 19, 2018.

Chinese hackers are waging a wide-ranging cyber espionage campaign against satellite operators, telecommunication companies and defense contractors in the U.S. and Southeast Asia, a cybersecurity company said Tuesday.

The firm Symantec said it first noticed the campaign in January, although it has been monitoring the hacking group it dubbed "Thrip" since 2013. This year, Symantec detected "powerful malware" in Asia that it believes the hackers deployed to carry out spying operations and potentially destructive attacks.

The news comes as tensions are rising between China and the U.S. over cybersecurity issues. Senators voted Monday to reverse a Trump administration trade deal to save the Chinese telecom giant ZTE due to lawmakers' concerns that Beijing could use the firm's tech to carry out espionage operations in the U.S.

What's more, President Donald Trump has accused the Chinese government of not honoring an Obama administration deal with China that forbids cyber theft of intellectual property between the two nations.

Thrip's interest in targeting a satellite communications operator indicates it is interested in more than just stealing data, according to Symantec.