print PRINT

SECURITY > Cybersecurity

U.S. cybersecurity firm confirms Chinese hacking group’s state-sponsored cyber espionage activities

  • November 17, 2017
  • , Sankei , p. 1
  • JMH Translation

By Kazumasa Bando


Sankei interviewed American cybersecurity firm FireEye’s Tim Wellsmore, who leads threat intelligence investigations in the Asia Pacific region, at a venue in Tokyo. “Since the beginning of this year, Chinese hacker groups have been intensifying their cyber espionage activities against Japanese organizations, targeting governmental agencies and the aerospace industry.” Wellsmore emphasized the risks of the leakage of advanced technologies and trade secrets, and described the damage that has already been inflicted by these cybercriminals backed by the Chinese government. Having shared this intelligence, American investigative authorities have started investigations.


According to Wellsmore, a China-based hacking group known as APT10 has been perpetrating the targeted attacks to steal intellectual property and other sensitive information. The cybercriminals, who have been active since around 2009, have started expanding their hacking operations to the U.S., Japan, and the UK. APT10’s biggest target is the U.S., constituting 54% of its activities, while Japan is its second at 17%.


“Japan is its central target in Asia, with the group having attacked a wide range of Japanese sectors including government agencies, manufacturing, defense, aerospace, and finance,” points out Wellsmore. “There have been cases of successful cyberattacks, causing tangible damage. Precaution is needed.” The state-affiliated group’s modus operandi is a mixed bag of tricks including using email messages with infected attachments to bait victims into downloading malicious software. In January of this year, FireEye confirmed that an infected email was sent to a Japanese government agency under the guise of a science-related budgetary inquiry.


FireEye has observed APT10 for around eight years and concluded that the group is indeed sponsored by the Chinese government. “Judging by how it has been able to relentlessly sustain its advanced cyberattcks, we believe it would have been impossible without government support,” says Wellsmore. The cybersecurity firm determined the group’s ties to the Chinese government after detailed analysis of its repeated attacks on organizations that would benefit China if infiltrated successfully.


Although Wellsmore admitted that he did not know why China has started intensifying its attacks this year, he speculated that “the Chinese government may have heightened pressure to gather intelligence on other countries.”


“China is a world-leader in cyber espionage,” asserts Wellsmore. FireEye has evidence of 29 hacking groups sponsored by the Chinese government, including APT10. That is the largest number of confirmed hacking groups in the world.



  • Ambassador
  • G7 Summit
  • Ukraine