Close Menu
Compliance

Chinese APT Uses Cloud Tools to Spy on Mongolia

Staff WriterBy No Comments2 Mins Read2 Views

Quick Takeaways

  1. A newly publicized Chinese APT, "GopherWhisper," has been targeting Mongolia’s government since November 2023, using multiple backdoors with different command-and-control methods via popular cloud services.
  2. Despite the varied backdoors, GopherWhisper’s tools are considered relatively unsophisticated, possibly indicating that the group may be inexperienced or using multiple options to evade detection.
  3. Mongolia faces cyber threats primarily from China-aligned groups and Russia, with recent campaigns exploiting government websites and involving proliferation of malware.
  4. The country is actively improving its cybersecurity infrastructure amidst a high volume of cyberattacks, costing millions in damages, but still faces challenges in keeping pace with global digitalization trends.

Chinese APT Uses Cloud Tools to Spy on Mongolia

Recently, cybersecurity experts uncovered a new Chinese cyber threat targeting Mongolia. This group, called GopherWhisper, has been active since November 2023. Although it might not seem very advanced, it uses clever tactics to stay hidden. GopherWhisper employs many different backdoors, which are pieces of malicious software that allow remote access. These backdoors use popular cloud services like Slack, Discord, and Outlook to communicate without raising suspicion. By doing so, they can control infected systems and steal information without being easily detected. Experts found that at least twelve Mongolian government systems were compromised, and more may be affected. This shows how hackers can exploit everyday tools to spy on governments.

Why Mongolia Is a Target and Its Cybersecurity Challenges

Mongolia faces constant cyber threats from powerful neighbors and other cyber actors. Most attacks seem to come from China and Russia. For example, Chinese hackers have tried to access Mongolian government websites and spy on officials. Russia, on the other hand, has launched campaigns involving malware and waterhole attacks. Despite efforts to strengthen cybersecurity, Mongolia still struggles to keep up. In 2024, the country experienced over 1.6 million cyber incidents costing millions in damages. To address these issues, Mongolia has passed new laws and strategies to improve its defenses. Still, cyber threats are growing, reminding everyone that digital security remains a vital part of modern life.

Expand Your Tech Knowledge

Stay informed on the revolutionary breakthroughs in Quantum Computing research.

Explore past and present digital transformations on the Internet Archive.

CyberRisk-V1

Share.
Avatar photo

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Related Posts

Comments are closed.