Cambodia’s Cyber War Room

Uploaded on 2017-06-15 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

Documents leaked to media suggest Cambodia’s Prime Minister Hun Sen, his eldest son Hun Manet and son-in-law Sok Puthyvuth and other prominent governmrnt officials, were involved in an ongoing campaign to spread Cambodian Peoples Party (CPP) rhetoric, monitor opposition supporters on social media and attack opposition Cambodia National Rescue Party (CNRP) leaders.

Two Cambodian government officials listed as senior members of a “Cyber War Room” denied the existence of the group even as five current and past members of the body confirmed its existence.

The documents and emails were forwarded to reporters recently, apparently from the hacked Gmail account of Kim Santepheap, an undersecretary of state at the Cambodian Justice Ministry and ministry spokesman, who is also listed as a deputy head of the war room, dubbed the CWR, on a leaked roster.

Mr. Santepheap denied the veracity of the leaks, suggesting that a hacker had created “illegal news” by tampering with his account. He had filed a complaint with the National Police claiming his personal email and Facebook accounts had been hacked, which was reported by the media recently.

“The hacker probably tried to create confusion in the news and if the media broadcasts it, it will make the public confused too,” he said. “As reporters know, my only duty is as undersecretary of state at the Justice Ministry.”

National Police spokesman Kirth Chatharith could not be reached for comment on Mr. Santepheap’s complaint.

Dith Tina, a spokesman for the Mines and Energy Ministry who is listed as a deputy chairman of the CWR, claimed yesterday to have never heard of the group and urged reporters to focus on more optimistic stories.

But five people listed on the leaked documents from 2013 said they were either current or former members of the CWR, even as they seemed reluctant to discuss the group’s activities.

Rin Vireak, who is listed as deputy head of the group on a 2013 CWR contact list, said he “stopped already” when asked if he was involved with the CWR before hanging up on a reporter

The CWR contact list included 40 people, with their telephone numbers and email addresses, and a second contact list included more than 100 “foot soldiers.” The five who spoke to Daily reporters confirmed their names as listed.

Takeo province governor Lay Vannak acknowledged he was an active member of the province’s CWR working group while Ieng Aunny, listed as a member of the working group, said he had left the group four years ago. Both men said they were too busy to answer more questions.

Yam Panha, who identified herself as a university student studying business, said she, too, was an active member of the CWR, but claimed to be too busy and junior in rank to elaborate on her role, which was listed on the 2013 roster as a member of the administrative team.

“I cannot tell you very much about the CWR or something because I’m just a member,” she said, demanding to know how reporters knew about the group and obtained her phone number.

Seng Kim Hong, listed as a support member, said he left the group about a year ago, and declined to answer questions about its activities, saying “because something is secret so I cannot tell you.”

A spate of Facebook and email hacks over the past six months have spilled secrets from both opposition activists and ruling party officials into the public domain, with the recipient list on the CWR leaks similar to earlier ones sent by an anonymous anti-government hacker identified only as “Champa Borey.”

The emails and documents in the latest leak, which continued yesterday, and could not be verified, paint a vivid picture of a nascent social media propaganda machine.

A five-page file from June 2013 introduces the structure and members of the group, which it says was initiated a year earlier to prepare for the national elections, and which it says is headed by Lieutenant General Manet.

Mr. Hun Sen’s eldest son, who holds a number of senior military posts and is widely seen as a possible successor to his father, did not respond to requests for comment yesterday.

Mr. Puthyvuth, CEO of the conglomerate Soma Group, who also did not respond for comment, is listed as one of nine deputy chairs of the CWR.

As laid out in the documents, Lt. Gen. Manet’s top-level group’s tasks were numerous: “monitor and control the information on social media,” “research and collect information involving attacks on the party,” assess the party’s social media strengths and weakness, coordinate with relevant “institutions or bodies,” file reports to a central committee, and “fulfill duties assigned by the party leader.”

According to the leak, these tasks appeared to be divided up among five subgroups, whose assignments include creating and distributing media favorable to the party as well as the “study, research and observation” of “any behavior which promotes the opposition party.”

The leaked emails, whose recipients include an email address with Mr. Hun Sen’s name, seem to show the group leaping into action for the election by creating anti-opposition memes and sharing recorded audio and video clips, including those involved with an alleged mistress of then-deputy opposition leader Kem Sokha whose mother claimed in 2013 that she was beaten by Mr. Sokha’s security guards.

In perhaps the most direct exchange, an email allegedly sent by Lt. Gen. Manet on July 11, 2013, describes how the CPP will spin the return from exile of then-CNRP President Sam Rainsy, referred to as “SR,” including “the release of proactive information/disinformation, analysis” as well as justification for “the arrest of SR and that he should face arrest as a person responsible for breaking the law and not as victim as he wants to be seen.”

Notes allegedly documenting an “urgent meeting” on the night of July 30, just two days after the contested election handed the CPP a near-defeat, seem to show CWR leadership assessing the damage of the vote, claiming the CNRP sought to “destroy or reject the election results by relying mainly on youth forces.”

The summary of the purported meeting pats the ruling party on the back for winning the popular vote because of its strong structure, control of the police and military police, and unspecified “help from outside,” and describes plans to counter the CNRP’s mobilisation efforts by diluting the opposition’s message on social media, and galvanising CPP supporters.

But it notes that “the influence of Facebook can topple the government through people power.”

CNRP spokesman Yim Sovann said he was unaware of the CWR but was unconcerned.

“The people have the right judgement,” he said. “We do not have to pay attention to false things like [propaganda]…. We have important things to do.”

Ein News

You Might Also Read: 

Facebook To Introduce Fake News Tools:

Is It Possible To Neutralise Fake News?:

 

« What Makes A Cyber Criminal?
How Cybercrime Affects The Healthcare Industry »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Sapphire

Sapphire

Sapphire deliver flexible and scalable cybersecurity solutions, helping organisations to detect, protect, respond and remediate against cyber threats.

360Logica

360Logica

360Logica is a software testing company offering numerous kinds of testing services to improve the quality and performance of your software and IT systems.

Seric Systems

Seric Systems

Seric is a technology business specialising in security, infrastructure and data management.

Olfeo

Olfeo

Olfeo is a content filtering software vendor. Our proxy and filtering solution helps our customers to manage, monitor and secure their Internet traffic.

Cyxtera Technologies

Cyxtera Technologies

Cyxtera offers powerful, secure IT infrastructure capabilities paired with agile, dynamic software-defined security.

Infodas

Infodas

Infodas provides Cybersecurity and IT consulting / system integration services as well as a range of innovative Cybersecurity products to public sector and commercial clients.

SCADASUDO

SCADASUDO

SCADASUDO is a cyber solution architecture and design office, established by leading experts in the field of OT (Industrial control) and IT (information Technology).

Cylera

Cylera

Cylera is a Healthcare IoT cybersecurity and intelligence company built in close partnership with healthcare providers.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

Police CyberAlarm

Police CyberAlarm

Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.

CY4GATE

CY4GATE

CY4GATE was conceived to design, develop and produce technologies and products that are able to meet the most stringent and modern requirements of Cyber Intelligence & Cyber Security.

Secure Cyber Defense

Secure Cyber Defense

Secure Cyber Defense provides expert cybersecurity consulting and managed detection and response services to companies, local government, schools and universities.

Grindstone Ventures

Grindstone Ventures

Grindstone Ventures is a post-seed fund that supports post-seed equity and quasi-equity investments in early-stage innovation-driven and/or technology companies.

Alpha Omega Integration

Alpha Omega Integration

Alpha Omega creates new possibilities through intelligent end-to-end mission-focused government IT solutions.

TrueBees

TrueBees

TrueBees is the first deepfakes detector able to detect AI-generated portraits shared on social media and to prevent their diffusion across the web.

SyberFort

SyberFort

SyberFort offers a suite of SAAS-based platforms designed to fortify your digital defenses including Threat Intelligence and Brand Protection.