Chinese hackers reportedly posing as Iranians have infiltrated dozens of Israeli private and public organisations, in the first documented Chinese cyberattack on Israel.
Dozens of Israeli private and public organisations have been targeted over the past two years by a cyberattack thought to originate from China, Israeli newspaper Haaretz reported on Tuesday.
The US-based cybersecurity company FireEye said that the organisations targeted were in the shipping, defence, information technology, telecommunications, high-tech, and academia sectors.
This was the first-ever documented case of a major Chinese cyberattack on Israel, Haaretz said, adding that several other countries, including Iran, Saudi Arabia, and Ukraine, had also been targeted by Chinese hackers.
According to a report by FireEye, which spent two years monitoring the attacks, the aim was to steal commercial secrets and technology.
FireEye said that the Chinese hackers had tried to disguise themselves as Iranians, using Farsi and hacking tools associated with Iranian entities.
“The use of Farsi strings, filepaths containing /Iran/, and web shells publicly associated with Iranian APT [Advanced Persistent Threat] groups may have been intended to mislead analysts and suggest an attribution to Iran,” Sky News quoted the FireEye report as saying.
Hackers claiming to be Iranian have previously announced responsibility for major cyberattacks on Israeli facilities.
FireEye investigator Sanaz Yashar told Haaretz that the attacks could be connected with China’s Belt and Road international development initiative.
China’s monumental infrastructure project involves railroads and ports, including in Israel.
“Their goal isn’t necessarily always to steal intellectual property; it’s possible that they’re actually looking for business information,” Yashar said. “In the Chinese view, it’s legitimate to attack a company while negotiating with it, so they will know how to price the deal properly.”
Last month, several Western countries accused China of “systematic cyber-sabotage” for its presumed role in a major attack on the Microsoft Exchange mail server.
The Chinese government has denied the accusations.