By Kantaro Komiya
TOKYO (Reuters) – U.S. National Security Agency, Federal Bureau of Investigation and Japanese police jointly warned multinational companies of China-linked hacker group BlackTech in a cybersecurity advisory late on Wednesday.
The joint advisory, which also came from the U.S. Cybersecurity and Infrastructure Security Agency and its Japanese counterpart, urged firms to review the internet routers at their subsidiaries to minimise the risk of potential attack from the group.
“BlackTech has demonstrated capabilities in modifying router firmware without detection and exploiting routers’ domain-trust relationships to pivot from international subsidiaries to headquarters in Japan and the United States, which are the primary targets,” the statement said.
BlackTech has been engaging in cyberattacks on governments and tech-sector companies in the United States and East Asia since around 2010, Japan’s National Police Agency said in a separate statement.
In 2020, self-ruled Taiwan’s security authority reported cyberattacks to some 6,000 government officials’ email accounts from Blacktech and another hacking group Taidoor, saying both were likely backed by the Chinese Communist Party.
Amid heightening U.S.-China tensions over issues including Taiwan, U.S. security officials are raising the tone of their warnings against China’s cyberattack capabilities. FBI chief Chris Wray earlier this month said China “has a bigger hacking program than every other major nation combined”.
In May, cybersecurity authorities of Australia, Canada, New Zealand and the United Kingdom joined the U.S. agencies in issuing an advisory on China’s “state-sponsored cyber actor”.
Japan, a key U.S. ally in East Asia along with South Korea, was allegedly attacked by Chinese military hackers that gained access to its classified defence networks in 2020, the Washington Post said last month. The Pentagon said it was confident about sharing intelligence with Japan despite the report.
(Reporting by Kantaro Komiya; Editing by Michael Perry)