A group of Chinese cyber actors, known publicly as APT 10, is conducting a campaign of cyber-enabled theft targeting global managed service providers, cloud service providers, and their clients, the U.S. Government reported.
The Department of Energy (DOE) recently said APT 10, which is operating on behalf of the Chinese Ministry of State Security, has gained extensive access to multiple U.S. and global managed service and cloud providers over the past four years. The group has infiltrated global companies located in at least 12 countries.
The U.S. Government is taking steps to negate the group's impact and hold the Chinese government accountable for these actions.
“As the Secretary for the Sector Specific Agency for cybersecurity in the energy sector, I have no higher priority than protecting our nation’s energy infrastructure against the threat of cyberattacks,” Secretary of Energy Rick Perry said. “Malicious actors are conducting sophisticated attacks to threaten our Nation’s critical infrastructure. Today’s announcement affirms our government’s vigilance and resolve to respond swiftly and forcefully against those who would use technology to threaten our way of life.”
APT 10 conducts the theft using a mix of sophisticated custom malware and off-the-shelf applications. In doing so, the group has stolen intellectual property and other confidential business information. It is targeting information from companies responsible for critical infrastructure, including entities in the information technology, energy, healthcare and public health, communications, and critical manufacturing sectors.
“In our capacity to protect and coordinate with the energy sector, the Department of Energy is dedicated to working with our government and industry partners to strengthen the preparedness and resilience of both the electricity and oil and natural gas sectors,” Karen Evans, assistant secretary for Cybersecurity, Energy Security and Emergency Response (CESER), said. “As the Sector Specific Agency, DOE’s CESER is committed to addressing these aggressive cybersecurity threats and keeping the nation’s critical energy infrastructure safe and secure.”