Asia a hotbed for cyber threats
Experts: State-sponsored groups are well-organised and conduct sophisticated attacks
Singapore: They have funny names like EmissaryPanda and IronHusky, but the damage inflicted by these hacker groups is no laughing matter.
Predictions by IT security experts that 2018 would be the year of state-sponsored cyber attacks have come true, with Asia a hot spot in particular for these sophisticated attacks.
While attacks by Russian operatives in the run-up to the 2016 United States elections still dominate headlines, experts warn of a resurgence in activity by Chinese- speaking groups, some of which appear to have a geopolitical agenda.
About a third of advanced persistent threat (APT) activities detected early this year were based in Asia, said IT firm Kaspersky Lab, which warned of the “continuous rise of Chinese-speaking activity” that targeted government entities in Taiwan, Malaysia and the Philippines.
It said in a report earlier this month that “in terms of well-known groups, Asian actors were the most active by far”.
“Probably one of the most interesting cases is Lucky Mouse (also called Emissary Panda and suspected to have China links), with aggressive new activity heavily related to the geopolitical agenda in Asia,” it said.
Like other cyber attacks, APT attacks aim to steal data, disrupt operations or destroy infrastructure. The difference is that APT attacks are conducted by well-organised groups – many with state ties – that pursue their objectives over months or years while adapting to cyber defences.
Cyber security firm Fire Eye, which tracks APT groups “that receive direction and support from an established nation state”, lists 16 such groups, of which nine are suspected to be linked to China.
Another six groups are believed to originate in Russia, Iran, Vietnam and North Korea, with the origins of the remaining group undetermined.
Since the discovery in 2010 of Stuxnet, a complex piece of malware developed by the United States and Israel that severely damaged an Iranian nuclear plant, experts have warned of an increased willingness of nation states to further their strategic interests using cyber attacks.
This is partly because these attacks are hard to trace and seen to have low cost-to-benefit compared to traditional attacks.
“It’s becoming increasingly clear that the level of sophistication and tenacity shown by these attackers is far beyond the opportunistic hacking many enterprises are currently prepared to defend against,” said IT firm Akamai’s global security advocate Martin McKeay.