CT-128-3-2-ISC Asia Pacific University
Table of Contents
1.3 Overview
3.0 Conclusion
5.0 References
Recorded Future. It determined that high-profile service and government
organizations in Southeast Asia had been compromised over the last nine months
by hackers using custom malware families such as FunnyDream and Chinoxy.
Those custom tools are not publicly available and are used by multiple groups
believed to be Chinese state-sponsored. The targeting also aligns with the political
and economic goals of the Chinese government, bolstering the suspicion that it is
state-sponsored. We believe this activity is highly likely to be a state actor, as the
observed long-term targeted intrusions into high-value government and political
targets are consistent with cyberespionage activity, coupled with identified
technical links to known Chinese state-sponsored activity (Business Standard,
December 2021).
1.3 Overview.
APT41 is a well-known cyber threat group that engages in financially motivated
activity that may be beyond the reach of the government, as well as state-sponsored
espionage on behalf of the Chinese government. Malware linked to its attack modes
includes China Chopper, Crosswalk, High Noon, xDoor, XMRig, ASPXSpy, MessageTap,
Gh0st, njRAT, PlugX, ZxShell, BlackCoffee, PoisonPlug, and Mimikatz.
3.0 Conclusion.
To conclude, the attack was well planned and the victims were blackmailed
until the very end. The government suffered serious damage from this attack due to data loss and
the later declaration of emergency. The group of hackers got away with it and is still planning
other attacks worldwide. Cybersecurity crimes can be avoided if appropriate measures are
taken, such as an IDS, explained earlier, which is a preventive measure. There are also other
security controls, such as data backups, which are corrective controls. That means they are
useful after an incident has happened. If the government of Costa Rica had had their data
backed up, they could have gotten away with it and minimized the damage to a significant extent.
5.0 References
2. Chinese state-sponsored actors exploit publicly known vulnerabilities (no date) Chinese State-Sponsored Actors Exploit Publicly Known Vulnerabilities. National Security Agency | Cybersecurity Advisory. Available at: https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF (Accessed: October 7, 2022).