Security firm CrowdStrike has reported that a Chinese hacking group, which it has dubbed Deep Panda, has switched targets from the US to Iraq.
CrowdStrike said Deep Panda is one of the most capable hacking teams that it studies, calling it “one of the most advanced Chinese nation-state cyber-intrusion groups“.
“For almost three years now, CrowdStrike has monitored Deep Panda targeting critical and strategic business verticals, including government, defence, financial, legal, and the telecommunications industries,” said the firm.
“At the think tanks, Falcon Host detected targeting of senior individuals involved in geopolitical policy issues, in particular in the China/Asia Pacific region. However, last week the unprecedented real-time visibility provided by [CrowdStrike’s endpoint security tool] Falcon Host into this actor’s escapades allowed analysts to observe a radical change in targeting.”
The firm said the group “suddenly began targeting individuals with a tie to Iraq or Middle East issues”, with a potential interest in the oil market and any US involvement in the local military.
“Iraq happens to be the fifth-largest source of crude oil imports for China and the country is the largest foreign investor in Iraq’s oil sector,” it added.
“Thus, it wouldn’t be surprising if the Chinese government is highly interested in getting a better sense of the possibility of deeper US military involvement that could help protect the Chinese oil infrastructure in Iraq.”
Reuters, which was in attendance at a news briefing held by the Chinese government, reports that the official line is that the claims are baseless.
A Chinese government spokesman said: “Some US internet security firms ignore the US threat to the internet and constantly seize upon the so-called China internet threat. The evidence they produce is fundamentally untrustworthy and unworthy of comment.”