Chinese state-sponsored threat groups have been observed targeting businesses and governments in the European Union. This was claimed by ENISA and CERT-EU.
Earlier last week, a joint advisory was published stating that particular advance persistent threat groups like APT27, APT30, APT31, Ke3chang, Gallium and Mustang Panda were indulged in these activities.
These malicious cyber activities, which had significant effects, targeted government institutions and political organizations in the EU and Member States, as well as key European industries.
ENISA and CERT-EU said that the recent operations pursued by these actors focused on information theft, primarily via establishing persistent footholds within the network infrastructure of organizations of strategic relevance.
ENISA says the defenders should follow guidelines provided in the joint publication as well as the cybersecurity mitigation measures against critical threats compiled by CERT-EU.
Some of the recommendations are as follows
- Following hardening guidelines,
- Managing admin accounts
- Managing critical assets
- Ensuring proper access controls for end users and external third-party contractors.
These recommendations aim to reduce the risk of being compromised by the mentioned APTs, as well as substantially improve the cybersecurity posture and enhance the overall resilience of these organizations against cyberattack.