Cambodia’s Cyber War Room

Uploaded on 2017-06-15 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

Documents leaked to media suggest Cambodia’s Prime Minister Hun Sen, his eldest son Hun Manet and son-in-law Sok Puthyvuth and other prominent governmrnt officials, were involved in an ongoing campaign to spread Cambodian Peoples Party (CPP) rhetoric, monitor opposition supporters on social media and attack opposition Cambodia National Rescue Party (CNRP) leaders.

Two Cambodian government officials listed as senior members of a “Cyber War Room” denied the existence of the group even as five current and past members of the body confirmed its existence.

The documents and emails were forwarded to reporters recently, apparently from the hacked Gmail account of Kim Santepheap, an undersecretary of state at the Cambodian Justice Ministry and ministry spokesman, who is also listed as a deputy head of the war room, dubbed the CWR, on a leaked roster.

Mr. Santepheap denied the veracity of the leaks, suggesting that a hacker had created “illegal news” by tampering with his account. He had filed a complaint with the National Police claiming his personal email and Facebook accounts had been hacked, which was reported by the media recently.

“The hacker probably tried to create confusion in the news and if the media broadcasts it, it will make the public confused too,” he said. “As reporters know, my only duty is as undersecretary of state at the Justice Ministry.”

National Police spokesman Kirth Chatharith could not be reached for comment on Mr. Santepheap’s complaint.

Dith Tina, a spokesman for the Mines and Energy Ministry who is listed as a deputy chairman of the CWR, claimed yesterday to have never heard of the group and urged reporters to focus on more optimistic stories.

But five people listed on the leaked documents from 2013 said they were either current or former members of the CWR, even as they seemed reluctant to discuss the group’s activities.

Rin Vireak, who is listed as deputy head of the group on a 2013 CWR contact list, said he “stopped already” when asked if he was involved with the CWR before hanging up on a reporter

The CWR contact list included 40 people, with their telephone numbers and email addresses, and a second contact list included more than 100 “foot soldiers.” The five who spoke to Daily reporters confirmed their names as listed.

Takeo province governor Lay Vannak acknowledged he was an active member of the province’s CWR working group while Ieng Aunny, listed as a member of the working group, said he had left the group four years ago. Both men said they were too busy to answer more questions.

Yam Panha, who identified herself as a university student studying business, said she, too, was an active member of the CWR, but claimed to be too busy and junior in rank to elaborate on her role, which was listed on the 2013 roster as a member of the administrative team.

“I cannot tell you very much about the CWR or something because I’m just a member,” she said, demanding to know how reporters knew about the group and obtained her phone number.

Seng Kim Hong, listed as a support member, said he left the group about a year ago, and declined to answer questions about its activities, saying “because something is secret so I cannot tell you.”

A spate of Facebook and email hacks over the past six months have spilled secrets from both opposition activists and ruling party officials into the public domain, with the recipient list on the CWR leaks similar to earlier ones sent by an anonymous anti-government hacker identified only as “Champa Borey.”

The emails and documents in the latest leak, which continued yesterday, and could not be verified, paint a vivid picture of a nascent social media propaganda machine.

A five-page file from June 2013 introduces the structure and members of the group, which it says was initiated a year earlier to prepare for the national elections, and which it says is headed by Lieutenant General Manet.

Mr. Hun Sen’s eldest son, who holds a number of senior military posts and is widely seen as a possible successor to his father, did not respond to requests for comment yesterday.

Mr. Puthyvuth, CEO of the conglomerate Soma Group, who also did not respond for comment, is listed as one of nine deputy chairs of the CWR.

As laid out in the documents, Lt. Gen. Manet’s top-level group’s tasks were numerous: “monitor and control the information on social media,” “research and collect information involving attacks on the party,” assess the party’s social media strengths and weakness, coordinate with relevant “institutions or bodies,” file reports to a central committee, and “fulfill duties assigned by the party leader.”

According to the leak, these tasks appeared to be divided up among five subgroups, whose assignments include creating and distributing media favorable to the party as well as the “study, research and observation” of “any behavior which promotes the opposition party.”

The leaked emails, whose recipients include an email address with Mr. Hun Sen’s name, seem to show the group leaping into action for the election by creating anti-opposition memes and sharing recorded audio and video clips, including those involved with an alleged mistress of then-deputy opposition leader Kem Sokha whose mother claimed in 2013 that she was beaten by Mr. Sokha’s security guards.

In perhaps the most direct exchange, an email allegedly sent by Lt. Gen. Manet on July 11, 2013, describes how the CPP will spin the return from exile of then-CNRP President Sam Rainsy, referred to as “SR,” including “the release of proactive information/disinformation, analysis” as well as justification for “the arrest of SR and that he should face arrest as a person responsible for breaking the law and not as victim as he wants to be seen.”

Notes allegedly documenting an “urgent meeting” on the night of July 30, just two days after the contested election handed the CPP a near-defeat, seem to show CWR leadership assessing the damage of the vote, claiming the CNRP sought to “destroy or reject the election results by relying mainly on youth forces.”

The summary of the purported meeting pats the ruling party on the back for winning the popular vote because of its strong structure, control of the police and military police, and unspecified “help from outside,” and describes plans to counter the CNRP’s mobilisation efforts by diluting the opposition’s message on social media, and galvanising CPP supporters.

But it notes that “the influence of Facebook can topple the government through people power.”

CNRP spokesman Yim Sovann said he was unaware of the CWR but was unconcerned.

“The people have the right judgement,” he said. “We do not have to pay attention to false things like [propaganda]…. We have important things to do.”

Ein News

You Might Also Read: 

Facebook To Introduce Fake News Tools:

Is It Possible To Neutralise Fake News?:

 

« What Makes A Cyber Criminal?
How Cybercrime Affects The Healthcare Industry »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Institute for National Security and Counterterrorism (INSCT)

Institute for National Security and Counterterrorism (INSCT)

INSCT is a center for the study of national security, international security, and counterterrorism. Research programs include New Frontiers in Science, Cyber, & Technology

RSA Insurance Group

RSA Insurance Group

RSA is one of the world’s leading multinational quoted insurance groups. Commercial services include cyber risk insurance.

DNV

DNV

DNV are the independent expert in assurance and risk management. We deliver world-renowned testing, certification and technical advisory services.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

File Centre

File Centre

File Centre is a leading specialist when it comes to data backup, we offer our clients a premium backup retrieval and delivery solution.

SailPoint

SailPoint

SailPoint provides identity governance solutions with on-premises and cloud-based identity management software for the most complex challenges.

Surevine

Surevine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

NSIT

NSIT

NSIT SAS is a consulting, advisory and service provider in IT systems. Solution areas include networking & infrastructure, IT management & administration, and cyber security.

R2S Technologies

R2S Technologies

R2S can help you implement a cyber security framework to ensure your business is more resilient towards the growing threat of cyber crime. We provide Web and Mobile Application Security Assessment..

GitGuardian

GitGuardian

Enable developers, ops, security and compliance professionals to enforce security policies across public and private code, and other data sources as well

EuraTechnologies

EuraTechnologies

EuraTechnologies, the French incubator and accelerator, is a centre of excellence and innovation for startups and entrepreneurs with a focus on Digital, Data, Cybersecurity and IoT.

Industrial Defender

Industrial Defender

Committed to ICS Cybersecurity. Industrial Defender provides a fully automated solution to discover, track and report on assets across your ICS footprint.

Campus cyber

Campus cyber

A project initiated by the President of the Republic, the Cyber Campus is the totem site of cybersecurity that brings together the main national and international players in the field.

Central Intelligence Agency (CIA)

Central Intelligence Agency (CIA)

The CIA is an independent agency responsible for providing national security intelligence to senior US policymakers. This includes cyber security related activities.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

Action Fraud

Action Fraud

Action Fraud is the UK’s national reporting centre for fraud and cyber crime where you should report fraud if you have been scammed, defrauded or experienced cyber crime.