The Chinese military unit was recently accused of carrying out a years-long cyber espionage. The accusation from Japanese authorities was due to China's People Liberation Army buying batches of western-made anti-virus products.
The procurement documents that were found by Recorded Future's Insikt Group, and the AV products were bought in early 2019. These purchases were from several antivirus companies.
In a statement by researchers at Recorded Future, "This makes it highly unlikely that the purchases are being used for regular antivirus monitoring on a system, as the English language version would be difficult to use for the average system operator in China”.
This discovery from Insikt Group came after Japanese media reported that the Chinese People Liberation Army is behind the cyber-espionage group known as Tick. Tick is a group that was spotted abusing Trend Micro's Antivirus zero-day against Mitsubishi Electric (a Japanese company) in 2019.
“We are showing the pattern of Chinese APT behavior (software supply chain attacks) paired with these orders for foreign, English-version AV products because the likelihood of them using these purchases for malign purposes is high," stated Charity Wright, Cyber Threat Intelligence Expert at Recorded Future,
As cybersecurity threats get more calculated, your organization will need additional security layers besides just antivirus. Frequent phishing tests and new-school security awareness training can prepare your users to be informed of the latest attacks.
The Record Future has the full story.