Donald Trump will meet with China’s President Xi Jinping in a tense meeting following Trump’s strong criticism of China. The meeting will become even more complicated following reports that Fidelis Cybersecurity found hackers breached the National Foreign Trade Council in February.
The hackers are said to work for the Chinese government.
News of the hack is expected to lead to surveilling staff members at the council. The hack involved a malicious link placed on the NFTC website that invited board members to a fictitious meeting. The link, when clicked, ran malicious coding called Scanbox.
Scanbox is malicious coding found in 2014 that is said to be able to log a person’s keystrokes. The software is linked to Chinese espionage. The link remained on the council’s website between February 27 and March 1 before the coding was notified.
The council includes executives from the largest businesses in America, including Google, Walmart, Visa and Amazon.
Fidelis expects that the hack was an attempt to gain information prior to trade negotiations between the two Presidents on April 6. The security firm states that these attacks are used to identify targets and are the basis for future attacks that work to phish the user’s information through custom-targeted attacks in the future.
Reports suggest that no financial data was stolen as a result of the hack. The NFTC is unsure of how the code was placed on their website.
Fidelis suggests that the attacks were the work of a group called APT10. The group is said to be government sponsored by China. The group was in the headlines this week when PwC stated that the group is responsible for an espionage attack that focused on the cloud and managed service providers across the world.
The group gained access to these customer networks, according to reports.
Fidelis is unsure if APT10 is the culprit in the NFTC hack, but suggests that the group may be responsible for the infiltration.