Palo Alto Network pulls back
According to two people familiar with the situation, Palo Alto Networks (PANW.O), which opens a new tab, decided against linking China to a global cyberespionage effort that the company revealed last week out of fear that Beijing would retaliate against the cybersecurity business or its clients.
The reason
According to the sources, after Reuters first reported last month that Palo Alto was one of roughly 15 U.S. and Israeli cybersecurity companies whose software had been banned by Chinese authorities on national security grounds, Palo Alto's findings that China was linked to the widespread hacking spree were scaled back.
According to the two individuals, a draft report from Palo Alto's Unit 42, the company's threat intelligence division, said that the prolific hackers, known as "TGR-STA-1030," were associated with Beijing.
About the report
The report was released on Thursday of last week. Instead, a more vague description of the hacking group as a "state-aligned group that operates out of Asia" was included in the final report. Advanced attacks are notoriously hard to attribute, and cybersecurity specialists frequently argue about who should be held accountable for digital incursions. Palo Alto executives ordered the adjustment because they were worried about the software prohibition and suspected that it would lead to retaliation from Chinese authorities against the company's employees in China or its customers abroad.
China's reply
The Chinese Embassy in Washington stated that it is against "any kind of cyberattack." Assigning hacks was described as "a complex technical issue" and it was anticipated that "relevant parties will adopt a professional and responsible attitude, basing their characterization of cyber incidents on sufficient evidence, rather than unfounded speculation and accusations'."
In early 2025, Palo Alto discovered the hacker collective TGR-STA-1030, the report says, opening a new tab. Palo Alto called the extensive operation "The Shadow Campaigns." It claimed that the spies successfully infiltrated government and vital infrastructure institutions in 37 countries and carried out surveillance against almost every nation on the planet.
After reviewing Palo Alto's study, outside experts claimed to have observed comparable activity that they linked to Chinese state-sponsored espionage activities.
