New Delhi, March 16 (IANS) There has been a surge in cyber attacks on the US engineering and maritime industries — especially those connected to the South China Sea — and a Chinese cyber espionage group TEMP.Periscope is behind this, US-based cybersecurity firm FireEye said on Friday.
Since early 2018, FireEye has observed an ongoing wave of intrusions, suspected to be from TEMP.Periscope, targeting engineering and maritime entities, especially those connected to South China Sea issues.
Active since 2013, TEMP.Periscope has primarily focused on maritime-related targets across multiple verticals including engineering firms, shipping and transportation, manufacturing, defence, government offices and research universities, FireEye said.
“FireEye found a group of Chinese cyber-spies that appear to specialise in collecting data on maritime industries, and more broadly, the engineering sector, Fred Plan, Senior Analyst at FireEye, said in a statement.
TEMP.Periscope had gone quiet like many other Chinese groups after the Barack Obama-Xi Jinping agreement in late 2015.
FireEye observed TEMP.Periscope resurfacing around the summer of 2017, and the group has been particularly active since this past February.
“The organisations targeted by TEMP.Periscope have a connection to the ongoing disputes in the South China Sea. They or their customers are involved in military and defence, or the shipping business, or they are developing technologies that would be advantageous to the defence industry or governments in the region,” Plan observed.
In their recent spike in activity, TEMP.Periscope has leveraged a relatively large library of malware shared with multiple other suspected Chinese groups.
“Because of the group’s tendency to target engineering organisations we believe the group is seeking technical data that can help inform strategic decision-making,” he added.