Chinese Using Malware to Spy on Commercial Shipping

Todd Faulk
Todd Faulk Senior Editor
Todd Faulk Todd Faulk Senior Editor

For the first time, a China-linked cyber threat group is using malware to gain access to commercial shipping companies and even some of the cargo ships themselves, according to a new report released by the cybersecurity firm ESET.

Mustang Panda, a cyber espionage group known for spying on governments and international organizations, has in 2024 installed its malware in the computer systems of shipping companies based in the Netherlands, Norway, and Greece, ESET said in its report. The “remote access trojan” type of malware could theoretically give Mustang Panda complete control of the companies’ IT systems and ships.

“We haven’t seen this in the past. It shows a clear interest in this sector. This was not a single occurrence. These were several distinct attacks at different, unrelated organizations,” said Robert Lipovsky, principal threat intelligence researcher at ESET.

The US Department of Homeland Security deems commercial shipping and transportation as one of 16 critical infrastructure sectors that are vital for economic activity and daily life in the country.

At a cybersecurity conference held in the UK on May 14, a US official described China’s computer hacking of critical infrastructure as an attempt to gain a military advantage in any potential conflict.

“In a crisis or conflict scenario, China could use their pre-positioned cyber capabilities to wreak havoc in civilian infrastructure and deter US military action,” said Harry Coker, the White House national cyber director.

Anne Keast-Butler, the head of GCHQ, the UK’s communications spying agency, said at the same conference, “China has built an advanced set of cyber capabilities and is taking advantage of a growing commercial ecosystem of hacking outfits and data brokers at its disposal. China poses a genuine and increasing cyber risk to the UK.”

The Chinese embassy in Washington denied all accusations that the Chinese government directed or participated in cyberattacks.

“We keep a firm stance against all forms of cyberattacks and resort to lawful methods in tackling them,” the embassy said in a release. “China does not encourage, support, or condone attacks launched by hackers.”

About the Author
Todd Faulk
Todd Faulk
Senior Editor

About the Author

Todd Faulk is a Senior Editor at SafetyDetectives. He has more than 20 years of professional experience editing intelligence reports, course plans, and online articles. He's a freelancer who has produced work for a wide variety of clients, including the US Government, financial institutions, and travel and technology websites. Todd is a constant traveler, writer of his own travel blog, and avid reader of new developments in science and technology.

Leave a Comment