How Chinese hackers got hold of US NSA tools

Last Updated: Tue, May 07, 2019 15:46 hrs
Cyber crime

San Francisco: Chinese state-sponsored hackers got some of the US National Security Agency's tools and they repurposed these tools to attack allies of the US and private firms in Asia and Europe in 2016, the New York Times reported.

Rather than stealing the code, the Chinese intelligence agents captured it from an NSA attack on their own computers, said the report on Monday, citing research by cybersecurity firm Symantec.

The repurposed American tools were used by Chinese intelligence contractors to carry out attacks in at least five places - Belgium, Luxembourg, Vietnam, the Philippines and Hong Kong, according to the research.



Scientific research organisations, educational institutions and computer networks were among the targets.

Instead of naming China explicitly in its research, Symantec identified the attackers as the Buckeye group, the cybersecurity firm's own term for hackers that the US Department of Justice has identified as a Chinese Ministry of State Security contractor operating out of Guangzhou, the New York Times report said.

The Buckeye attack group has been active since at least 2009, when it began mounting a string of espionage attacks, mainly against organisations based in the US, Symantec's security response attack investigation team wrote in a blog post.