86 112
Fashion Jobs
STAND OUT FOR GOOD
Brand Rep (Sales Associate)
Permanent · ANN ARBOR
JCPENNEY
Asset Protection SC Manager
Permanent · CEDAR HILL
JCPENNEY
Beauty Field Manager-Bay Area
Permanent · DALLAS
JCPENNEY
Asset Protection Manager-San Antonio, TX
Permanent · SAN ANTONIO
RALPH LAUREN
Associate Manager
Permanent · HERSHEY
A & F
Abercrombie & Fitch - Assistant Manager, International Market Place
Permanent · HONOLULU
A & F
Hollister CO. - Brand Representative, Galleria at Tyler
Permanent · RIVERSIDE
FOOT LOCKER
Director of Safety (Supply Chain)
Permanent · CAMP HILL
LEE
PT Keyholder, Estero, FL
Permanent · ESTERO
URBN
Free People: Merchandise Planning Manager
Permanent · PHILADELPHIA
URBN
Free People: Senior Merchandise Planner
Permanent · PHILADELPHIA
KOHLS
Operations Supervisor - Weekend Overnights
Permanent · EDGEWOOD
KOHLS
Full-Time Loss Prevention Officer
Permanent · SOUTH BURLINGTON
ADIDAS
Key Account Manager: Athletic Footwear
Permanent · PITTSBURGH
KOHLS
Full-Time Loss Prevention Supervisor
Permanent · GOSHEN
KOHLS
Full-Time Loss Prevention Supervisor
Permanent · NAPLES
KOHLS
Shift Leader/Operations Manager - Weekend Night Shift
Permanent · PATASKALA
AMERICAN EAGLE OUTFITTERS
Aerie - Merchandise Leader (Part-Time) - us
Permanent · POOLER
AMERICAN EAGLE OUTFITTERS
ae - Merchandise Leader (Part-Time) - us
Permanent · MURFREESBORO
AMERICAN EAGLE OUTFITTERS
Aerie - Merchandise Leader - us
Permanent · KAPOLEI
NAVY EXCHANGE
Buyer (Level i) - Beauty Care
Permanent · VIRGINIA BEACH
NAVY EXCHANGE
Buyer (Level i) - Pet
Permanent · VIRGINIA BEACH
By
Reuters
Published
Apr 6, 2017
Reading time
2 minutes
Download
Download the article
Print
Text size

U.S. trade group hacked with Chinese software ahead of Xi summit

By
Reuters
Published
Apr 6, 2017

A sophisticated hacking group that pursues Chinese government interests broke into the website of a private U.S. trade group ahead of Thursday's summit between U.S. President Donald Trump and Chinese President Xi Jinping, according to researchers.


Wikimedia Commons



The hackers left a malicious link on web pages where members of the National Foreign Trade Council (NFTC) register for upcoming meetings, according to researchers at Fidelis Cybersecurity and a person familiar with the trade group.

The nonprofit NFTC is a prominent advocate on international trade policy, with corporate members including Wal-Mart Stores Inc, Johnson & Johnson, Amazon.com Inc, Ford Motor Co and Microsoft Corp.

The malicious link deployed a spying tool called Scanbox, which would have recorded the type and versions of software running on the computers of those exposed to it, said Fidelis researcher John Bambenek. Such reconnaissance is typically followed by new attacks using known flaws in the detected software, especially older versions.

Scanbox has only been used by groups associated with the Chinese government, Fidelis said, and was recently seen on a political site aimed at Uyghurs, an ethnic minority under close government scrutiny in China.

The breach was detected about five weeks ago by a NFTC director who is a customer of Fidelis, the security company said. Both the Federal Bureau of Investigation and the NFTC were notified and the malicious link removed, and Fidelis said it had no evidence of NFTC members being infected.

The FBI and the NFTC declined to comment. A spokesman for the Chinese foreign ministry did not respond to a request for comment.

Bambenek said he believed the attack was classic espionage related to international trade talks, rather than a violation of a 2015 agreement between former U.S. President Barack Obama and Xi to end spying for commercial motives.

The summit starting on Thursday is the first meeting between Xi and Trump, who blamed China on the campaign trail for the loss of many U.S. jobs and vowed to confront the country's leaders on the matters of trade and currency manipulation.

“I think it’s traditional espionage that happens ahead of any summit,” said Bambenek. “They would like to know what we, the Americans, really care about and use that for leverage.”

Other security firms agreed that wholesale theft of U.S. intellectual property has not returned.

Instead, FireEye Inc and BAE Systems Plc said that the hacking group identified by Fidelis, called APT10, has recently attacked government and commercial targets in Europe.

FireEye researcher John Hultquist said heavy industries in Nordic countries have been hacked more often as Beijing switches priorities.

“They are certainly taking those resources and pushing them to other places where they can still get away with this behavior," Hultquist said.

 

© Thomson Reuters 2024 All rights reserved.