Sign in / up

back to article How do China's cyber-spies snoop on governments, NGOs? Probably like this

A China-backed crew is said to be running a global espionage campaign against governments, religious groups, and non-governmental organizations (NGOs) by, in some cases, possibly exploiting a vulnerability in Microsoft Exchange servers. +Symantec's Threat Hunter Team said the campaign, which aims to spy on targeted victims and …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    Helpful Hint -- To Avoid The Inevitable TL;DR

    Dear El Reg:

    How about a summary at the top of articles like this?

    SUMMARY

    (1) There is ("possibly") a zero days exploit on M$ Exchange.

    (2) Bad actors can gain control of M$ Windows Servers though this exploit

    (3) Bad actors can copy emails from M$ Exchange

    (4) Bad actors can run anything they like on the compromised server

    .....but here's the thing, people like me want to know about the wider NETWORK impact of this hack.

    (5) Can bad actors use the compromised server to gain access to OTHER M$ servers on the same network?

    (6) Can bad actors use the compromised server to gain access to OTHER servers on the same network? (e.g. Linux servers, IBM mainframes, etc)?

    (7) Can bad actors use their access to impersonate the hacked business?

    (8) Can the bad actors use their access to M$ Exchange to launch credible phishing campaigns elsewhere?

    I think we should be told!!! I think a summary would help!!!

    I read the whole article, but some commentards on El Reg might just mark the article TL;DR!!

    Signed:

    AC

    8 4 Reply
  2. VoiceOfTruth Silver badge

    Snoops

    Has Symantec ever uncovered any snooping by the American government? If no, then why would anyone use it?

    1 3 Reply
    1. Richard Jones 1
      Reply Icon

      Re: Snoops

      Why would they need a back door, when the front door is easier?

      3 0 Reply
  3. Doctor Syntax Silver badge

    A good two step strategy would be:

    1. Run a honeypot operation feeding false information.

    2. Fail to conceal that you were taking step 1n without actually making clear what it covered. This applies even if you didn't actually take step 1.

    0 0 Reply
    1. Clausewitz 4.0
      Reply Icon
      Devil

      A high interaction honeypot can be used as a trampolin to attack orher orgs.. Be careful..

      1 0 Reply
  4. Paul Herber Silver badge

    'espionage campaign against .... religious groups,'

    Who are the targets here then? Methodists? 7th Day Adventists? Druids? Mormons?

    2 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Uyghurs, Tibet’s monks, Falun Dafa, and other sources of involuntary organ donations. The long arm of the CCP extends to activists in all countries.

      4 0 Reply
      1. Paul Herber Silver badge
        Reply Icon

        Yes, I know. Just wanted to give someone the opportunity to start the full list ...

        1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like