A new piracy of foreign ministers. According to a recent “Unit 42” survey, the cybermenacious intelligence division Cybermenaces de Palo Alto, a cybersecurity company, Chinese computer pirates have infiltrated the messaging servers of several foreign ministers. The operation, which extends for several years, seems to be destined to spy diplomatic communications worldwide.
Pirates took control of Microsoft exchange servers, which allowed them to access confidential exchanges in certain foreign ministries. Lior Rochberger, principal researcher at Palo Alto Networks, explains to Bloomberg, that the pirates went specifically to keywords linked to the Chinese Summit in Riad in 2022.
Among these terms there were also influential names such as Chinese President Xi Jinping and his wife Peng Liyuan, highlighting the particular interest of computer pirates for this diplomatic event.
There are no details about the affected countries
Countries affected by this campaign have not been clearly identified. However, the Palo Alto Reds report underlines that the profile of the objectives corresponds closely to the economic and geopolitical interests of the People’s Republic of China.
The cyber unit, called “Phantom Taurus” by the company, often acts in relation to significant global events, strengthening the suspicions of a sophisticated intelligence operation.
Palo Alto Networks indicates that it is not yet formally established that this group acts under the official sponsorship of the Chinese government, but the terms of this series of attacks suggest a coordinated campaign to monitor the most delicate diplomatic communications throughout the world.
This new revelation is part of a broader context of increasing tensions on cyber attacks aimed at international government institutions, highlighting the strategic importance of cyberspioning in contemporary international relations.
Regularly directed ministers
But this type of attack is, in reality, quite frequent. Chinese computer pirates, suspected of acting on behalf of the Chinese state, have already carried out a large cybernetic campaign directed to around 80 countries, including several foreign ministries, according to the FBI and international agencies.
This operation, called Salt Typhoon, has affected the critical infrastructure, such as telecommunications, transport and hotels for at least 2021, with the aim of intercepting communications and diplomatic trips worldwide. Despite the accusations, China denies all responsibility and accuses the United States of hypocrisy in terms of cybersagase.
In addition, several recent cases illustrate the vulnerability of foreign ministers against these attacks. For example, in November 2024, French minister Jean-Noël Barrot was a victim of piratrias by Phishing pointing to his personal phone, revealing the sophistication of attacks against high diplomatic spheres.
These events also emphasize the growing strategic importance of cyberspage in international relations, since state actors often pointed their role in these intrusions.
Source: BFM TV
