Southeast Asia and Australia Orgs Targeted by Aoqin Dragon Hackers for Ten Years
The hacking group has targeted government, education and telecom entities
Discover the latest in cybersecurity education, training programs, courses, and certifications to secure digital environments effectively.
Search across headline titles and summaries.
Background for this topic.
Education comprises schools, colleges, universities, training providers, and the systems supporting teaching, assessment, administration, and research. Its distinctive assets include student and staff records, attendance and grades, learning materials, research data, payment information, and sometimes sensitive information about children or vulnerable people. Core dependencies include identity systems, email, learning platforms, campus networks, cloud services, online examination tools, and third-party platforms; disruption can affect teaching, assessment, safeguarding, or essential administration.
Security priorities include tightly scoped access for students, staff, contractors, and researchers; strong authentication; timely patching of internet-facing and classroom-managed devices; and careful control of data shared with service providers. Privacy requirements make retention, access logging, and protection of educational and research records material. Because education operates on fixed academic schedules and often has limited recovery windows, tested backups, offline or segregated recovery copies, and rehearsed procedures for isolating accounts or systems can support continuity. Vulnerability management should account for legacy devices and decentralized departmental technology, while incident response plans should preserve evidence and provide clear communications to affected communities.
The hacking group has targeted government, education and telecom entities
As many as eight zero-day vulnerabilities have been disclosed in Carrier's LenelS2 HID Mercury access control system that's used widely in healthcare, education, transportation, and government facilities
A previously undocumented Chinese-speaking advanced persistent threat (APT) actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013
A coalition of over 25 industry leaders, led by NightDragon and non-profit NextGen Cyber Talent, partner to raise $1 million for collegiate cybersecurity education
Microsoft's Digital Crimes Unit (DCU) last week disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium in connection with a spear-phishing operation