A US-based cyber security group has claimed that a China-based cyber espionage group is now trying to steal confidential business data from Indian firms to support corporations in their country.
The claim, if believed completely, raises an alarm for the IT service providers and manufacturing companies in India.
FireEye, who has been tracking APT10 since 2009, said that the Chinese espionage group have a history of targeting government and private firms in US, Europe, and Japan.
The group always had an eye on construction, engineering, aerospace, telecom firms and governments. Now the APT10 has set its eye on the operations of firms in India.
"IT services have been a core engine of India's economic growth, with service providers here scaling the value chain to manage business-critical functions of top global organisations. Campaigns like this highlight risks which all organisations should factor into their operations," said Kaushal Dalal, Managing Director, FireEye, India, in a statement on Monday.
APT10 activity has included both traditional spear phishing and access to victim's networks through service providers.
Service providers have significant access to customer networks, enabling an attacker who had compromised a service provider to move laterally into the network of the service provider's customer.
"Targeting of these industries has been in support of Chinese national security goals, including acquiring valuable military and intelligence information as well as the theft of confidential business data to support Chinese corporations," said FireEye in an earlier blog post.
In addition, web traffic between a service provider's customer and a service provider is likely to be viewed as benign by network defenders at the customer, allowing the attacker to exfiltrate data stealthily.
(Inputs from IANS)
