Amnesty Intl. says cyberattack on Hong Kong office appears linked to known APT group
The Hong Kong division of human rights organization Amnesty International said yesterday that its offices were recently targeted by a sophisticated cyber attack that bore the hallmarks of Chinese state-sponsored actors.
A press release issued by the non-governmental organization’s Hong Kong chapter said that suspicious activity was detected on March 15, although it does not state the nature of the attack or specific areas targeted. According to the release, forensic investigators determined that the actor’s attack infrastructure, as well as its tactics, techniques, and procedures, is consistent with a “known APT group” whose campaigns are associated with the Chinese government.
“This sophisticated cyberattack underscores the dangers posed by state-sponsored hacking and the need to be ever vigilant to the risk of such attacks. We refuse to be intimidated by this outrageous attempt to harvest information and obstruct our human rights work,” said Man-kei Tam, director of Amnesty International, Hong Kong.
The organization says it responded by setting up a global task force, securing its systems, contacting and providing guidance to individuals whose details may have been exposed, and alerting Hone Kong’s Office of the Privacy Commission for Personal Data.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise