Chinese hacker group targets power grid, and it's not their first time

A similar attack was aimed at India in recent years, and such attacks have been warned against in the US, particularly against its territory of Guam.

Anonymous hacker with hood and mask sitting next to computer (Illustrative). (photo credit: INGIMAGE)

A hacker group believed to be connected to the Chinese government has attacked the power grid network of a nearby country, according to a Tuesday report from Wired quoting a cybersecurity firm, Symantec.

The hacker group is known as APT41 and conducted the initial attack in February 2023. It lasted for at least six months.

The report did not specify which country was attacked for security reasons.

The group has a reputation for attacking similar targets. They began as a group producing malware before turning to for-profit attacks, which saw them steal funds allocated by the US government for COVID relief.

David O’Brien, an intelligence analyst at Symantec, affirmed that the target country was one in which China may “have an interest from a strategic perspective,” although he posited that the aim may have been spying rather than causing damage.

China flag (credit: WIKIMEDIA COMMONS/ECOW)

Not the first attack on energy infrastructure

A similar attack was aimed at India in recent years, and such attacks have been warned against in the US, particularly against its territory of Guam.

“There are all sorts of reasons for attacking critical national infrastructure targets,” O'Brien told Wired. “But you always have to wonder if one is to be able to retain a disruptive capability. I'm not saying they would use it. But if there are tensions between the two countries, you can push the button.”

Experts in the field are convinced that this is not the last time we will hear from this group, even at its previous targets.

“They have to maintain access, which means they're probably going to go right back in there. They get caught, they retool, and they show up again,” says John Hultquist, head of threat intelligence at cybersecurity firm Mandiant.