ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronEye IconIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailPositive ArrowIcon PrintSite TitleTitle ChevronIcon Twitter
Technology

Chinese hacker group targets Japanese and South Korean businesses

Mitsubishi Electric latest victim of attacks that evade conventional defenses

 China's Tick hacking group is said to use novel methods to circumvent conventional cyber-defenses. (photo by Wataru Ito)

TOKYO -- A group of Chinese hackers has struck businesses across Japan and South Korea, employing techniques designed to evade conventional cybersecurity defenses.

The latest attack was reported Monday by Japan's Mitsubishi Electric. Cyberthieves may have gained access to more than 8,000 pieces of personal information, the company said, but reported that no highly sensitive information had been compromised.

The Chinese hacker army known as Tick is suspected of involvement in the attack, said a source close to the investigation. The group has targeted tech companies in South Korea.

Tick's favored method of operation begins by stealing email accounts belonging to private market research firms. The hackers then send emails to Chinese subsidiaries of target corporations in the guise of the research firms.

The emails contain malware that can be controlled remotely by Tick. Using the subsidiary's computer system as a steppingstone, the hackers can gain access to the parent company's networks and steal sensitive information.

Tick has grown increasingly active since roughly November 2018, when the group accelerated its development of malware, Tokyo cybersecurity company Trend Micro said. The hackers continuously modify malware and other tools to slip past cybersecurity software and device scans.

The infiltrators also have become adept at covering their tracks. It can take years before a company discovers the breach. Some in the Japanese government fear that hackers have compromised businesses other than Mitsubishi Electric.

But Tick is not the only hacker collective. In December 2018, the U.S. and Japan issued statements condemning a team called APT10.

Japan has urged domestic companies to bolster cyber defenses, and the Defense Ministry is rolling out tougher security standards for contractors. The level of compliance will be similar to what is required by the U.S. Department of Defense.

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Get Unlimited access

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends July 31st

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to the Nikkei Asian Review has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media