A damning report by a leading internet security company revealed that hackers working for the Chinese government were able to use basic phishing methods to gain access to the European Union’s diplomatic communications network.
Phishing is a form of cybercrime in which hackers send users an email that appears to come from a legitimate business and normally directs them to a lookalike website in order to capture their genuine usernames and passwords.
Area 1 claims it discovered that over 100 organisations, including intergovernmental organisations, Ministries of Foreign Affairs and Ministries of Finance, as well as trade unions and think tanks, were targeted as part of the Chinese government’s cyber campaign.
Attacks also led to a breach in the diplomatic communications network of the European Union, known as COREU, which is a crucial instrument in EU foreign policymaking.
The network operates between all 28 member states and allows diplomats to file cables linked to foreign policy matters.
According to Area 1, more than 1,000 diplomatic cables were stolen by the Chinese, who phished network administrators and other senior staff members to gain unauthorised access to the system.
“Once initial access to a machine is established, the attacker determines what other machines can be connected to, what data is available on those machines, and then rinses and repeats,” the report states.
Files were then stolen from the machines via cloud tools such as Google Drive and other publicly available services.
The report states: “Rather than characterising the attacks as sophisticated we see them as imaginative and persistent. Very little about cyber-attacks is cutting-edge computer science. However, there is a high level of creativity in the diverse phishing lures used to gain access and in the attackers’ ability to identify non-obvious targets that allow them to achieve their desired outcomes.”
It concludes: “Cyber campaigns linked to China have served for many years as a catalyst for both national-security and cybersecurity experts to raise awareness and allocate resources to an issue historically relegated to the basements of organisations.
“After years of publicly censuring the PRC for cyber-based economic espionage, Washington and Beijing reached an agreement in 2015 to curtail the hacking of private companies for commercial gain.