FireEye has disclosed findings pertaining to an advanced persistent threat group that it says is based in China and targets data on diplomatic issues in Asia.
The group called Watermain has worked since 2011 to send spear phishing emails that contain a script designed to create backdoors in infected computers, FireEye said Thursday.
“Collecting intelligence on India remains a key strategic goal for China-based APT groups, and these attacks on India and its neighboring countries reflect growing interest in its foreign affairs,” said Bryce Boland, FireEye’s chief technology officer for the Asia-Pacific.
“Organizations should redouble their cybersecurity efforts and ensure they can prevent, detect and respond to attacks in order to protect themselves,“ Boland added.
Over the course of its activity, Watermain has targeted more than 100 victims such as Tibetan activists and Southeast Asian nations.