Chinese hackers targeted SE Asia, India for a decade
SINGAPORE: A cyber espionage group most likely sponsored by China has been snooping on governments and businesses in Southeast Asia and India undetected for the last ten years, Inter net security company FireEye said on Monday.
FireEye said the hackers, dubbed APT30, have been systematically stealing “sensitive information” since 2005, target- ing governments, corporations and journalists with interest in China.
“Based on APT30’s confirmed targets and their intended victims, the group’s interests appear to concentrate on Southeast Asia regional political, economic and military issues, disputed territories and topics related to the legitimacy of the Chinese Communist Party,” the report said.
It said the campaign differs from other hacking outfits mostly in its scale and longevity, lead- ing researchers to believe that it must be state-sponsored — and the focus of the group’s interests point to China.
“Such a sustained, planned development effort, coupled with the group’s regional targets and mission, lead us to believe that this activity is state-sponsored — most likely by the Chinese government,” said the report released by FireEye’s regional headquarters in Singapore.
Beijing has denied the allegations of cyber espionage.
FireEye said the cyber espionage group has consistently developed its tools over the past 10 years to carry out its operations.
Bryce Boland, FireEye’s chief technology officer for the Asia Pacific, said in a blog post that the region has some of the highest levels of targeted cyber attacks worldwide and many of these go undetected.
“This group has been able to operate successfully and remain undetected for many years and has not even had to change their attack infrastructure — a clear sign that their victims don’t realise this is happening,” Boland wrote.
FireEye said the espionage group “expresses a distinct inter- est in organisations and governments associated with ASEAN, particularly so around the time of official ASEAN meetings” — where issues like the South China Sea dispute and international trade are discussed.
It said the espionage group’s data gathering tools indicate that it is “most likely trying to compromise ASEAN members or associates to steal information that would provide insight into the region’s politics and economics”.
INTERNET SECURITY COMPANY FIREEYE SAID THE HACKERS — DUBBED APT30 — HAVE BEEN STEALING “SENSITIVE INFO” SINCE 2005