American firm uncovers cyber espionage of Asian countries

American firm uncovers cyber espionage of Asian countries

HA NOI - A decade-long cyber espionage operation for stealing sensitive information from India and several ASEAN countries, including Vietnam, was discovered by American security firm FireEye.

In a workshop on the newly released report, entitled APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation, held in Ha Noi yesterday, FireEye detailed how the threat group APT30 constantly organised attacks on thousands of computers, one at a time, to collect sensitive data from Asian countries, notably Vietnam, Thailand, South Korea, India and Malaysia.

The report by FireEye said APT30 takes a special interest in political developments in Southeast Asia and India, and is particularly active at the time of ASEAN summits, regional issues and territorial disputes between China, India and Southeast Asian countries.

More than 200 malwares specifically designed by APT 30 have been found active in computers placed in important government and commercial entities in Vietnam so far.

Journalists also are a target of APT30 should they report stories on the status of the Chinese economy, advanced technology, corruption and human rights, besides territorial disputes on land and the sea as well as national defence and military forces, FireEye said.

Such an espionage operation by APT30 was traced as far back as 2005, with attack tools, tactics and operational methods remaining coherent and unchanged in the past decade. This was deemed unusual compared to other threat groups as they refreshed themselves from time to time to avoid being detected, FireEye Senior Director for Asia-Pacific region Wias Issa said.

He said one possible reason why APT30 did not change to new cyber infrastructure might be that it did not feel the need to do so, and that meant the group's stealth activities had not been discovered in the last ten years.

Regarding the motive of the threat group, FireEye said there was a high chance Beijing was behind the espionage operation due to the massive involvement of China in the sensitive data acquired by APT30 and other technical traces that pointed to Beijing.

More about

Purchase this article for republication.



Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.