Chinese cyberspies hacked Middle East experts at U.S. think tanks in recent weeks, the Washington Post reports.
Experts suggested that these new breaches are related to events in Iraq. The Chinese government may be interested in the United States’ involvement in the country due to its oil investments there.
The group behind the breaches, called "DEEP PANDA" by security researchers, appears to be affiliated with the Chinese government, says Dmitri Alperovitch, chief technology officer of the firm CrowdStrike. The company, which works with a number of think tanks on a pro bono basis, declined to name which ones have been breached.
Alperovitch said the firm noticed a "radical" shift in DEEP PANDA's focus on June 18, the same day witnesses reported that Sunni extremists seized Iraq's largest oil refinery. The Chinese group has typically focused on senior individuals at think tanks who follow Asia, said Alperovitch. But last month, it suddenly began targeting people with ties to Iraq and Middle East issues. […]
Experts say that breaking into organizations like think tanks can give adversaries access to sensitive communications about international strategy – and potentially allow them to use compromised e-mail accounts to get at other targets: A phishing message coming from a trusted acquaintance at a prominent think tank that asks a user to download an attachment is more likely to succeed than a seemingly random e-mail.