A new attack campaign originating from computers in China has infiltrated satellite communications, telecoms, geospatial imaging, and defence organisations in the US and Southeast Asia, warns cybersecurity giant Symantec.
The latest campaign is being conducted by the Thrip group, security researchers at Symantec said on Tuesday.
"This is likely espionage," Greg Clark, Symantec CEO, said in a statement.
"Alarmingly, the group seems keenly interested in telecom, satellite operators, and defence companies. We stand ready to work with appropriate authorities to address this serious threat," Clark added.
Symantec said it has been monitoring Thrip since 2013, and has discovered new tools and techniques used by the group in this most recent set of attacks.
The company said its Artificial Intelligence (AI)-based "Targeted Attack Analytics" (TAA) technology helped researchers expose the new attack campaign from the Thrip group.
TAA leverages AI and advanced machine learning to comb through Symantec's data lake of telemetry in order to spot patterns associated with targeted attacks.
"The Thrip group has been working since 2013 and their latest campaign uses standard operating system tools, so targeted organisations won't notice their presence," Clark said.
"They operate very quietly, blending in to networks, and are only discovered using AI that can identify and flag their movements."
From an initial alert triggered by TAA in January 2018, Symantec researchers were able to follow a trail that enabled them to determine that the campaign originated from machines based in mainland China.
Using these techniques, TAA detected suspicious behaviour despite the group's use of legitimate operating system features and network administration tools in an attempt to evade detection.
The technology also uncovered the use of custom malware in these attacks and identified the types of organisations targeted, Symantec said.