Hackers From China Targeting SE Asia, India [REPORT]

According to the Hindu Business Line, a FireEye report published on Monday claims that the hackers have been working in the region since at least 2005, and their cyber attacks “focused on targets – government and commercial – who hold key political, economic and military information about the region.” The report went on to claim that its characteristics “lead us to believe that this activity is state-sponsored – most likely the Chinese government.”

Hackers From China Targeting SE Asia, India [REPORT]

China denies carrying out cyber attacks

Bryce Boland, Chief Technology Officer for Asia Pacific at FireEye and co-author of the report, stated that the attack was still underway, with servers used by the attackers still operational and FireEye customers were still being targeted. China has always officially denied carrying out cyber attacks against governments, organisations and companies.

When questioned about the FireEye report, Chinese foreign ministry spokesman Hong Lei said: “I want to stress that the Chinese government resolutely bans and cracks down on any hacking acts.”

This is not the first time that China has been accused of hacking targets in South and Southeast Asia. A 2011 report by McAfee claimed that the Chinese were running a campaign known as Shady Rat which targeted governments and institutions in the region.

The 10-strong Association of Southeast Asian Nations (ASEAN) has attempted to build cyber defenses, but efforts have been sporadic. Despite the fact that cyber attacks on government ministries in Singapore were reported as far back as 2004, the grouping has made little concrete progress in strengthening its cyber capabilities.

Sustained attack against weak defenses

FireEye claims that the campaign detailed in its report has been made on a larger scale and for a longer period of time than previous examples. The hackers appear to boast at least two software developers in their number. Cyber defenses in the region are so underdeveloped that hackers were able to continue using malware first seen in 2005.

National governments, ASEAN, corporations and even journalists interested in China were all targeted. Companies involved in construction energy, transport, telecommunications and aviation in Southeast Asia were also targeted.

The main method of gaining access was the sending of phishing emails, but so far the extent of the infiltration is not known. China continues to arouse suspicions with its activities and greater defensive efforts need to be made to protect both public and private actors from cyber attacks.



About the Author

Brendan Byrne
While studying economics, Brendan found himself comfortably falling down the rabbit hole of restaurant work, ultimately opening a consulting business and working as a private wine buyer. On a whim, he moved to China, and in his first week following a triumphant pub quiz victory, he found himself bleeding on the floor based on his arrogance. The same man who put him there offered him a job lecturing for the University of Wales in various sister universities throughout the Middle Kingdom. While primarily lecturing in descriptive and comparative statistics, Brendan simultaneously earned an Msc in Banking and International Finance from the University of Wales-Bangor. He's presently doing something he hates, respecting French people. Well, two, his wife and her mother in the lovely town of Antigua, Guatemala. To contact Brendan or give him an exclusive, please contact him at theflask@gmail.com