A team of security experts has foiled the activities of a sophisticated group of hackers linked to China that has counted government agencies, Fortune 500 companies, journalists, environmental groups and academic institutions as its victims.
Dubbed the Axiom Threat Actor Group, the group of hackers is described as “a well resourced, disciplined, and sophisticated subgroup of a larger cyber espionage group” that has been directing operations “unfettered” for more than six years, according to a report from the cyber security coalition, which includes Novetta, Bit9, Cisco, FireEye, F-Secure, iSIGHT Partners, Microsoft, Tenable, ThreatConnect, ThreatTrack Security and Volexity.
Novetta, which heads the coalition, said in a press release it has “moderate to high confidence” that Axiom is acting on behalf of the China-sponsored intelligence agency.
“This co-ordinated effort by security industry leaders is the first of its kind and has had a quantifiable impact on state-sponsored threat actors,” said Novetta CEO Peter B. LaMontagne. “The Axiom threat group is a well resourced, disciplined, and sophisticated cyber-espionage group operating out of mainland China.”
The coalition’s initiative offers tools and technical assistance to better protect coalition customers, which in turn will force Axiom to use new exploits, costing the hackers money and resources. So far, more than 43,000 separate installations of Axiom-related tools have been removed from machines protected by Operation SMN partners.
China, of course, denies having any involvement with the hacking group.
“Judging from past experience, these kinds of reports or allegations are usually fictitious,” Chinese Embassy spokesman Geng Shuang told The Washington Post. “China is a victim of these kinds of attacks, according to the Snowden revelations.”