Recorded Future, which offers enterprise security intelligence to American companies, has revealed that India's defense and telecom sectors have faced a persistent cyber threat from Chinese military intelligence since 2014.
The news was disclosed in a media update released by Insikt Group, the business unit of Recorded Future. The update states that China has been spying on developments in India's defense and telecom sectors through compromised equipment.
Threat research carried out by Insikt has found that a hacking group dubbed RedFoxTrot has been assigned the task of infiltrating Indian critical networks, and the group is reported to be led by former officers who worked for Chinese intelligence before 2014.
The good news is that the threat group has succeeded in compromising only 13 networks belonging to the Indian subcontinent, out of thousands of cyberattacks launched on public and private firms operating in aerospace, defense, telecom, mining, and research institutes belonging to the medical field.
What’s interesting about these attacks is that the group has so far targeted only companies operating in Asia. It might have links to the People’s Liberation Army (PLA) Unit 69010, based in Xinjiang, China, and is suspected to be funded by China’s Ministry of State Security (MSS).
Furthermore, RedFoxTrot is believed to have a large-scale operational infrastructure that employs publicly available malware families such as Icefog, PlugX, Royal Road, Poison Ivy, and ShadowPad along with PCShare in its malware campaigns.