Researchers claim intelligence services targeted Chinese airline

Updated: 2016-08-09 11:06

By Faisal Kidwai(

  Print Mail Large Medium  Small 分享按钮 0

Security researchers on Monday revealed the discovery of a cyber-espionage group that has targeted at least seven companies in four countries since 2011.

One of the targets allegedly included a Chinese airline, according to California-based computer security company Symantec.

It said in a report that a previously unknown group called Strider has carried out spying attacks against selected targets in China, Russia, Sweden and Belgium. Symantec added that the hacking group used an advance piece of malware known as Remsec to target organizations and individuals that would be of interest to national intelligence services.

The cyber-espionage group used Remsec to gain access to organization's network and then stole files and other data. By living on the network, rather than on individual computers, the hackers not only had full control of infected machines, but also avoid detection.

In a separate report also released on Monday, Kaspersky, a Russia-based software security group, said the targets included government agencies, scientific research centers, military entities, telecoms providers and financial institutions.

It added that the techniques used by the spying group, such as piggybacking on known protocols, bypassing air-gaps using hidden data partitions on USB sticks and taking control of network domain servers, all point to a nation-state sponsored attack.

It estimated that the whole development and operation of the malware, which it called top-of-the-top in terms of sophistication, would have required several specialist teams and a multi-million dollar budget.

This is of course not the first time that a national intelligence service has been accused of hacking networks and computers for spying purposes.

Edward Snowden, the NSA whistleblower, revealed the extent and depth of spying that US intelligence services carry out everyday across the world.