A security firm that last month highlighted spyware hidden in Chinese tax software issued a new report Tuesday shedding more light on how Western companies doing business in China are targeted for industrial espionage. Analysts at cybersecurity firm Trustwave say they have discovered a new type of malware they say was embedded in sales tax software — a different, older malicious tool than the previous one they found. In June, Trustwave’s SpiderLabs reported on malware they called GoldenSpy, which was hidden inside software that their client, a tech firm with ties to the U.S. defence industry, was required to install to pay local taxes. The malware secretly installed a back door that gave attackers complete access to the company’s networks, Trustwave reported.
Sometimes it\’s hard to avoid using tax software in countries where there are no secure alternatives, the law is unfamiliar, and there are language barriers. I recommend any company that insists on using Chinese tax software do so on an isolated device with no access to the company\’s network or other resources. A virtual machine might be suitable so long as it\’s set up in a secure way. This way, if the device gets infected, it can\’t spread to other devices on the company network and won\’t find anything to steal on the local device.
The GoldenSpy and GoldenHelper revelations are just the latest in a series of malware/spyware apparently installed on the computers of U.S. corporations doing business in China. U.S. officials have long believed the Chinese government actively steals corporate secrets from U.S. corporations, some of who are involved in the U.S. defence industry.
Incidents such as this underscore the need for corporations to practice safe computing measures, spend more money on protecting their computer networks, and educate their employees and executives on safe computing practices. Users need to stay alert for any situation that may indicate spyware or malware has infected their systems.