Threat Intelligence

Attribution of sprawling cyberespionage campaign allegedly held back amid China retaliation fears

China Bans Cyber Attacks: Examining Internet Security with Chinese Flag and Binary Data Through a Magnifying Glass Concept

Attacks part of a global cyberespionage campaign by the TGR-STA-1030 hacking operation were alleged by sources to have been attributed by Palo Alto Networks Unit 42 researchers to an Asian state-aligned group rather than to China due to possible retribution to the cybersecurity provider or its customers, Reuters reports.

While the intrusions were linked with high confidence to Beijing, Palo Alto Networks executives opted to dial back attribution due to the ban of the company's software in China, as well as other retaliatory actions, claimed the sources, who neither named the executives involved in the decision nor provided details regarding the draft report's contents.

Palo Alto Networks, which had linked cyberattacks to China as recently as September, dismissed the sources' statements, denying that Chinese procurement laws influenced the absence of attribution. Analysis of the attack campaign recently reported by Palo Alto Networks by other cybersecurity firms, including SentinelOne, showed similarities with Chinese state-backed intrusions.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds