TLDR:
China-linked cyber espionage group Mustang Panda targets commercial shipping companies in Norway, Greece, and the Netherlands using malware tools, as disclosed by cybersecurity firm ESET. This represents the first known case of a China-linked cyber espionage group targeting the commercial shipping sector.
China-linked cyber espionage group targets commercial shipping companies
According to news, a cyber espionage group with ties to China, identified as Mustang Panda, has reportedly deployed malware targeting computer systems of commercial shipping companies in Norway, Greece, and the Netherlands. This information, disclosed by cybersecurity firm ESET based in Slovakia, coincides with warnings from U.K. and U.S. officials regarding significant cyber threats originating from China, especially towards critical infrastructure.
Mustang Panda, previously implicated in espionage activities against governments and organizations in Asia and Europe, is known to use similar malware tools in its spying campaigns. These tools enable attackers to gain complete access to a device and execute commands once access is established. Robert Lipovsky, ESET’s principal threat intelligence researcher, noted a specific interest in this industry from the attackers, although it is unclear whether the spying involved the use of physically planted USB devices at the companies or on ships, as reported by NBC News.
In response to the allegations, China’s embassy in Washington has vehemently denied any involvement in cyber attacks, with spokesperson Liu Pengyu stating that China itself is a victim of cyber attacks and opposes all forms of such activities.