China’s Cyber Attacks on Governments and Corporates in Asia

fireeye_PRWEEK_600x400-20150414050236139.png

 

The Chinese government is accused of being behind a newly discovered set of cyber attacks waged against government agencies, corporate companies and journalists across India and Southeast Asia over the past ten years.

Security firm FireEye released a report today revealing a spate of corporate espionage and cyber spying offenses against targets located in India, Malaysia, Vietnam, Thailand, Nepal, Singapore, Philippines, Indonesia and beyond. The group said attacks began in 2005.

“There’s no smoking gun that shows this is a Chinese government operation, but all signs point to China” FireEye’s APAC CTO Bryce Boland told TechCrunch in an interview. “There’s huge intellectual property development in Asia, that’s the new battleground.”

Boland referenced several pieces of evidence collected by FireEye following “months” of research. In particular, the existence of an operating manual written in Chinese, a code base that was seemingly developed by Chinese developers, and a related domain registered to a suspicious ‘tea company’ in rural China, all imply Chinese involvement.
FireEye’s report caps a rough few days of media coverage for China’s Internet strategy. China put on a (falsely) friendly front when hosted the World Internet Conference last year, but increasingly we hear about its efforts to police the web. Last week, Citizen Lab issued a report detailed Great Canon, a new technology that allows the Chinese government to take down websites — like Github.com — using a worryingly direct and offensive approach.
Of course, it is possible that the attacks highlighted by FireEye were not run directly by the state, and instead by a professional espionage agency, which may have sold secrets to Chinese corporates or even the government itself. Actors are very often a few degrees removed, and concrete evidence is hard to find.

All in all, FireEye detected more than 200 distinction variations of malware developed by the group. The fact that these attacks remained undetected for so long is troubling given the sensitivity of the targets, but there is a positive. Boland explained that because the infrastructure of the attacks had been able to remain similar for years, it isn’t difficult to check on potential compromises and take action if needed.
FireEye shared its report with certain intelligence agencies worldwide in advance of making it public. Though Boland declined to be more specific about exactly which ones had been contacted, he did confirm that FireEye does not provide details of its intelligence or reports to the Chinese government.

Techcrunch

« NSA’s Plan to Snowden-Proof Data Using the Cloud
Russia's Cyber Attacks Grow More Brazen »

Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Hyper Recruitment Solutions

Hyper Recruitment Solutions

Hyper Recruitment Solutions is a specialist and highly compliant recruitment consultancy dedicated to the Science and Technology sectors.

VMworld

VMworld

VMworld is a global conference for virtualization and cloud computing, including associated security issues.

Engage Black

Engage Black

Engage Black provides solutions for securing and protecting cryptographic keys, data at rest, and data in motion.

Sectigo

Sectigo

Sectigo provides web security products that help customers protect, monitor, recover, and manage their web presence and connected devices.

Swiss Accreditation Service (SAS)

Swiss Accreditation Service (SAS)

SAS is the national accreditation body for Switzerland. The directory of members provides details of organisations offering certification services for ISO 27001.

Innosphere

Innosphere

Innosphere Ventures is Colorado’s leading science and technology incubator, accelerating the success of high-impact startup and scaleup companies.

MassMutual Ventures

MassMutual Ventures

Mass Mutual ventures backs companies building category-defining businesses in markets including enterprise software, digital health, cybersecurity, and fintech.

Secuvant

Secuvant

Secuvant is an independent IT Security firm providing enterprise-grade IT security services to mid-market organizations.