An Asian cyber-espionage group spent the past year breaking into computer systems linked to governments and critical infrastructure organizations in more than 37 countries, according to new research from Palo Alto Networks Inc. cited by Bloomberg.

The intrusions targeted some 70 organizations, including five national law enforcement and border control agencies, three ministries of finance, a national parliament, and a senior elected official in another country. Palo Alto declined to identify the hackers’ country of origin, describing the group only as state-aligned, Bloomberg said. 

The Santa Clara-based cybersecurity firm said the attackers used highly tailored phishing emails and “known, unpatched security flaws” to gain access, with espionage as the primary objective. Pete Renals, director of national security programs at Unit 42, Palo Alto’s threat intelligence division, told Bloomberg that the group frequently sought access to email communications and other sensitive data. 

The firm’s analysis suggests the activity often lined up with Chinese national interests, Bloomberg wrote.

One suspected breach occurred a day after U.S. military and law enforcement captured Venezuelan leader Nicolas Maduro, the news agency reported. Palo Alto said hackers “likely compromised” a device associated with a facility operated by Venezolana de Industria Tecnológica, a venture founded by Venezuela’s government and an Asian tech firm. 

The hackers also compromised Brazil’s Ministry of Mines and Energy, which oversees a major supply base for rare earth mineral reserves, according to the report. The intrusion came as U.S. diplomats held meetings with mining executives in October. 

Palo Alto separately described suspected activity across an array of other countries, including Germany, Poland, Greece, Italy, Cyprus, Indonesia, Malaysia, Mongolia, Panama and others.
