Chinese hackers targeted India, South East Asia for decade, says report
A cyber espionage group most likely sponsored by China has been snooping on governments and businesses in Southeast Asia and India undetected for the last ten years, Internet security company FireEye said Monday.world Updated: Apr 13, 2015 13:52 IST
A cyber espionage group most likely sponsored by China has been snooping on governments and businesses in Southeast Asia and India undetected for the last ten years, Internet security company FireEye said Monday.
FireEye said the hackers, dubbed APT30, have been systematically stealing "sensitive information" since 2005, targeting governments, corporations and journalists with interest in China.
"Based on APT30's confirmed targets and their intended victims, the group's interests appear to concentrate on Southeast Asia regional political, economic and military issues, disputed territories and topics related to the legitimacy of the Chinese Communist Party," the report said.
It said the campaign differs from other hacking outfits mostly in its scale and longevity, leading researchers to believe that it must be state-sponsored -- and the focus of the group's interests point to China.
"Such a sustained, planned development effort, coupled with the group's regional targets and mission, lead us to believe that this activity is state-sponsored -- most likely by the Chinese government," said the report released by FireEye's regional headquarters in Singapore.
There was no immediate reaction from China, but Beijing has always denied allegations of cyber espionage.
FireEye said the cyber espionage group has consistently developed and refined its tools over the past 10 years to carry out its operations.
Bryce Boland, FireEye's chief technology officer for the Asia Pacific, said in a blog post that the region has some of the highest levels of targeted cyber attacks worldwide and many of these go undetected.
"This group (APT30) has been able to operate successfully and remain undetected for many years and has not even had to change their attack infrastructure -- a clear sign that their victims don't realise this is happening," Boland wrote.
FireEye said the espionage group "expresses a distinct interest in organisations and governments associated with ASEAN, particularly so around the time of official ASEAN meetings" -- where issues like the South China Sea dispute and international trade are discussed.
It said the espionage group's data gathering tools indicate that it is "most likely trying to compromise ASEAN members or associates to steal information that would provide insight into the region's politics and economics".
First Published: Apr 13, 2015 13:29 IST