Adrian Johnson
TLDR:
- Mustang Panda, a China-linked cyber espionage group, targeted commercial shipping companies in Norway, Greece, and the Netherlands with malware.
- This is the first instance of a China-linked group focusing on commercial shipping, according to ESET.
A China-linked cyber espionage group called Mustang Panda has been identified by the Slovakia-based cybersecurity firm ESET for introducing malware to gain remote access to the computer systems of commercial shipping companies based in Norway, Greece, and the Netherlands. This revelation comes amid increasing concerns from U.K. and U.S. officials about the cybersecurity threat posed by China to critical infrastructure.
Mustang Panda, previously known for espionage against governments and organizations in Asia and Europe, has utilized similar malware tools in past espionage campaigns. These tools allow the attacker to gain full access to a device and issue commands upon gaining entry. Robert Lipovsky, the principal threat intelligence researcher at ESET, emphasized that there was a clear interest in the commercial shipping sector from this China-linked cyber espionage group, marking the first known instance of such focus in this industry.
Despite the accusations, China’s embassy in Washington has denied any involvement in these cyber attacks and reiterated China’s stance against all forms of cyber attacks. It remains unclear whether the cyber spying effort involved the use of physically planted USB devices at the companies or on ships, as reported by NBC News. This incident sheds light on the evolving landscape of cyber threats faced by the maritime industry, emphasizing the need for robust cybersecurity measures to safeguard against such intrusions.
