Microsoft announced yesterday that its Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group. Microsoft’s disruption will not prevent the hacking group from continuing other hacking activities, but Microsoft has removed a key piece of the infrastructure the group has been relying on for the recent attacks.
Microsoft has named this hacking group Nickel. Microsoft DCU obtained permission from a federal court in Virginia to seize websites used by Nickel to attack organizations in the United States and 28 other countries around the world. Microsoft believes that these attacks were largely being used for intelligence gathering from government agencies, think tanks and human rights organizations.
- Nickel has targeted organizations in both the private and public sectors, including diplomatic organizations and ministries of foreign affairs in North America, Central America, South America, the Caribbean, Europe and Africa.
- In addition to the U.S., the countries in which Nickel has been active include: Argentina, Barbados, Bosnia and Herzegovina, Brazil, Bulgaria, Chile, Colombia, Croatia, Czech Republic, Dominican Republic, Ecuador, El Salvador, France, Guatemala, Honduras, Hungary, Italy, Jamaica, Mali, Mexico, Montenegro, Panama, Peru, Portugal, Switzerland, Trinidad and Tobago, the United Kingdom and Venezuela.
“No individual action from Microsoft or anyone else in the industry will stem the tide of attacks we’ve seen from nation-states and cybercriminals working within their borders. We need industry, governments, civil society and others to come together and establish a new consensus for what is and isn’t appropriate behavior in cyberspace,” wrote Tom Burt, Corporate Vice President, Customer Security & Trust at Microsoft.