US trade lobbying group attacked by suspected Chinese hackers

The lobbying group has pledged to work on U.S.-China trade issues with President Trump

A group of what appears to be Chinese hackers infiltrated a U.S. trade-focused lobbying group as the two countries wrestle with how they treat imports of each other's goods and services.

The APT10 Chinese hacking group appears to be behind a "strategic web compromise" in late February and early March at the National Foreign Trade Council, according to security vendor Fidelis Cybersecurity.

The NFTC lobbies for open and fair trade and has pledged to work with U.S. President Donald Trump to "find ways to address Chinese policies that frustrate access to their market and undermine fair trade, while at the same time encouraging a positive trend in our trade relationship." Trump will meet with China President Xi Jinping in Florida this week.

The lobbying group discovered the attack almost immediately and took steps to remove the malware and protect website visitors, a source close to the group said.

It is "highly probable" that the web attack targeted key private-sector organizations focused on U.S. trade policy, Fidelis Cybersecurity said in a blog post. The company's research has found a similar operation targeting government officials in Japan, it said.

"The connections we can draw from the Japanese campaign lead us to estimate that it is highly probable that the actors involved are known as APT10," a well-known Chinese hacking group.

The attack on the lobbying group, dubbed Operation TradeSecret by Fidelis, targeted visitors to some of the organization's web pages, including one used to register for meetings. The attacks served reconnaissance malware known as Scanbox, Fidelis said.

Scanbox is typically used by hackers associated with or sponsored by the Chinese government, the company said. It gives hackers multiple capabilities, including JavaScript keyloggers installed on target PCs. The information gathered with this reconnaissance can be used in phishing campaigns directed toward targeted individuals. These campaigns can then exploit specific vulnerabilities known to exist within the user's applications.

The information gathered can then be used in phishing campaigns targeting specific computer users, Fidelis said.

"The benefit of such a watering-hole attack is that it enables the adversary to target key individuals as they go about their business," said Hardik Modi, vice president for threat research at Fidelis. "Big business plays a key role in the formulation of trade policy in the U.S., and our expectation is that this campaign was about gathering intelligence in advance of the negotiations that accompany the [U.S.-China] summit."

Lobbying groups are particularly attractive targets, Modi added by email. They are "in a difficult position because they often have a sensitive membership and can be an easy conduit for the adversary to target the specific interest group they're interested in," he said. "This has been part of cyber tradecraft for a long time now."

This type of espionage is "an age-old tradition for governments," he added.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?