Cybersecurity firm FireEye confirmed that Chinese hackers have launched cyberattacks on several US engineering and maritime companies involved in the South China Sea.
The suspected hacker group behind the attacks, TEMP.Periscope, appeared to have staged the attacks in an attempt to steal information that would benefit the Chinese government, the firm said.
“The current wave of identified intrusions is consistent with TEMP.Periscope and likely reflects a concerted effort to target sectors that may yield information that could provide an economic advantage, research and development data, intellectual property, or an edge in commercial negotiations,” a statement on the firm’s website read.
FireEye senior analyst Fred Plan noted that the hackers have focused on US maritime entities that either have connections to or have clients operating in the South China Sea.
“They are going after data that can be used strategically, so it’s in line with state espionage,” Plan said. “A private entity probably wouldn’t benefit from the sort of data that is being stolen.”
Plan observed that suspected Chinese cyberattack activity on US targets – which may or may not be state-sponsored – has surged in recent months, despite a 2015 agreement between both sides that neither would target civilian entities.
Bloomberg reported that although FireEye has traced the group’s attacks to China, it has yet to confirm if TEMP.Periscope has any link to Chinese government entities or facilities. The cybersecurity firm also noted that similar other maritime organizations in Europe and at least one another group in Hong Kong were also affected by a data breach by the hackers.