PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data

Summary

Google has revealed that Chinese state-sponsored hackers, operating under the alias "BAD CALLSIGN," infiltrated the networks of US medical and military organizations and remained there for over a year. The group targeted sensitive data, including information on drone technology and pathogens, exfiltrating it from Gmail accounts.

IFF Assessment

FOE

This discovery indicates a successful long-term espionage campaign by a state-sponsored threat actor, posing a significant risk to sensitive national security and research data.

Defender Context

This incident highlights the persistent threat from nation-state actors targeting critical infrastructure and sensitive data. Defenders should be vigilant about sophisticated phishing campaigns and the long-term presence of threat actors within their networks, focusing on advanced threat detection and incident response capabilities.
