shot-button
Ganesh Chaturthi Ganesh Chaturthi
Home > Technology News > India targeted through cyber intrusions by RedFoxtrot linked to Chinese military

India targeted through cyber intrusions by RedFoxtrot linked to Chinese military

Updated on: 18 June,2021 10:03 AM IST  |  New Delhi
IANS |

Recorded Future, the world's largest provider of intelligence for enterprise security, on Thursday, revealed cyber espionage activity attributed to a suspected Chinese state-sponsored threat activity group, named RedFoxtrot by Recorded Future's threat research arm Insikt Group

India targeted through cyber intrusions by RedFoxtrot linked to Chinese military

Photo for representational purpose. Picture Courtesy/iStock

Active since 2014, RedFoxtrot predominantly targets aerospace and defense, government, telecommunications, mining, and research organisations in India among other countries.


The other countries are Afghanistan, Kazakhstan, Kyrgyzstan, Pakistan, Tajikistan, and Uzbekistan, aligning with the operational remit of PLA Unit 69010.


Recorded Future, the world's largest provider of intelligence for enterprise security, on Thursday, revealed cyber espionage activity attributed to a suspected Chinese state-sponsored threat activity group, named RedFoxtrot by Recorded Future's threat research arm Insikt Group.


Insikt Group identified specific ties between RedFoxtrot's activity and the Chinese military intelligence apparatus, the People's Liberation Army (PLA) Unit 69010 within the Strategic Support Force (SSF), offering a rare glimpse into SSF operations since the PLA's restructuring in 2015.

Also read: Victim of cyber crime? Here’s why ‘golden hour’ matters

Recorded Future's large-scale, automated network traffic analytics and expert analysis detected intrusions targeting sectors across bordering Asian countries.

Active since 2014, RedFoxtrot predominantly targets aerospace and defense, government, telecommunications, mining, and research organizations in Afghanistan, India, Kazakhstan, Kyrgyzstan, Pakistan, Tajikistan, and Uzbekistan, aligning with the operational remit of PLA Unit 69010.

RedFoxtrot maintains large amounts of operational infrastructure and has employed both bespoke and publicly available malware families commonly used by Chinese cyber espionage groups.

RedFoxtrot activity overlaps with threat groups tracked by other security vendors such as Temp. Trident and Nomad Panda.

It is assessed with high confidence that RedFoxtrot is a Chinese state-sponsored threat activity group based on identified links to a specific PLA unit and the use of shared custom capabilities considered unique to Chinese cyber espionage groups.

"The recent activity of the People's Liberation Army has largely been a black box for the intelligence community. Being able to provide this rare end-to-end glimpse into PLA activity and Chinese military tactics and motivations provides invaluable insight into the global threat landscape. The persistent and pervasive monitoring and collection of intelligence is crucial in order to disrupt adversaries and inform an organization or government's security posture", said Christopher Ahlberg, CEO and Co-Founder, Recorded Future.

This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!


Mid-Day Web Stories

Mid-Day Web Stories

This website uses cookie or similar technologies, to enhance your browsing experience and provide personalised recommendations. By continuing to use our website, you agree to our Privacy Policy and Cookie Policy. OK