Cambodia’s Cyber War Room

Uploaded on 2017-06-15 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

Documents leaked to media suggest Cambodia’s Prime Minister Hun Sen, his eldest son Hun Manet and son-in-law Sok Puthyvuth and other prominent governmrnt officials, were involved in an ongoing campaign to spread Cambodian Peoples Party (CPP) rhetoric, monitor opposition supporters on social media and attack opposition Cambodia National Rescue Party (CNRP) leaders.

Two Cambodian government officials listed as senior members of a “Cyber War Room” denied the existence of the group even as five current and past members of the body confirmed its existence.

The documents and emails were forwarded to reporters recently, apparently from the hacked Gmail account of Kim Santepheap, an undersecretary of state at the Cambodian Justice Ministry and ministry spokesman, who is also listed as a deputy head of the war room, dubbed the CWR, on a leaked roster.

Mr. Santepheap denied the veracity of the leaks, suggesting that a hacker had created “illegal news” by tampering with his account. He had filed a complaint with the National Police claiming his personal email and Facebook accounts had been hacked, which was reported by the media recently.

“The hacker probably tried to create confusion in the news and if the media broadcasts it, it will make the public confused too,” he said. “As reporters know, my only duty is as undersecretary of state at the Justice Ministry.”

National Police spokesman Kirth Chatharith could not be reached for comment on Mr. Santepheap’s complaint.

Dith Tina, a spokesman for the Mines and Energy Ministry who is listed as a deputy chairman of the CWR, claimed yesterday to have never heard of the group and urged reporters to focus on more optimistic stories.

But five people listed on the leaked documents from 2013 said they were either current or former members of the CWR, even as they seemed reluctant to discuss the group’s activities.

Rin Vireak, who is listed as deputy head of the group on a 2013 CWR contact list, said he “stopped already” when asked if he was involved with the CWR before hanging up on a reporter

The CWR contact list included 40 people, with their telephone numbers and email addresses, and a second contact list included more than 100 “foot soldiers.” The five who spoke to Daily reporters confirmed their names as listed.

Takeo province governor Lay Vannak acknowledged he was an active member of the province’s CWR working group while Ieng Aunny, listed as a member of the working group, said he had left the group four years ago. Both men said they were too busy to answer more questions.

Yam Panha, who identified herself as a university student studying business, said she, too, was an active member of the CWR, but claimed to be too busy and junior in rank to elaborate on her role, which was listed on the 2013 roster as a member of the administrative team.

“I cannot tell you very much about the CWR or something because I’m just a member,” she said, demanding to know how reporters knew about the group and obtained her phone number.

Seng Kim Hong, listed as a support member, said he left the group about a year ago, and declined to answer questions about its activities, saying “because something is secret so I cannot tell you.”

A spate of Facebook and email hacks over the past six months have spilled secrets from both opposition activists and ruling party officials into the public domain, with the recipient list on the CWR leaks similar to earlier ones sent by an anonymous anti-government hacker identified only as “Champa Borey.”

The emails and documents in the latest leak, which continued yesterday, and could not be verified, paint a vivid picture of a nascent social media propaganda machine.

A five-page file from June 2013 introduces the structure and members of the group, which it says was initiated a year earlier to prepare for the national elections, and which it says is headed by Lieutenant General Manet.

Mr. Hun Sen’s eldest son, who holds a number of senior military posts and is widely seen as a possible successor to his father, did not respond to requests for comment yesterday.

Mr. Puthyvuth, CEO of the conglomerate Soma Group, who also did not respond for comment, is listed as one of nine deputy chairs of the CWR.

As laid out in the documents, Lt. Gen. Manet’s top-level group’s tasks were numerous: “monitor and control the information on social media,” “research and collect information involving attacks on the party,” assess the party’s social media strengths and weakness, coordinate with relevant “institutions or bodies,” file reports to a central committee, and “fulfill duties assigned by the party leader.”

According to the leak, these tasks appeared to be divided up among five subgroups, whose assignments include creating and distributing media favorable to the party as well as the “study, research and observation” of “any behavior which promotes the opposition party.”

The leaked emails, whose recipients include an email address with Mr. Hun Sen’s name, seem to show the group leaping into action for the election by creating anti-opposition memes and sharing recorded audio and video clips, including those involved with an alleged mistress of then-deputy opposition leader Kem Sokha whose mother claimed in 2013 that she was beaten by Mr. Sokha’s security guards.

In perhaps the most direct exchange, an email allegedly sent by Lt. Gen. Manet on July 11, 2013, describes how the CPP will spin the return from exile of then-CNRP President Sam Rainsy, referred to as “SR,” including “the release of proactive information/disinformation, analysis” as well as justification for “the arrest of SR and that he should face arrest as a person responsible for breaking the law and not as victim as he wants to be seen.”

Notes allegedly documenting an “urgent meeting” on the night of July 30, just two days after the contested election handed the CPP a near-defeat, seem to show CWR leadership assessing the damage of the vote, claiming the CNRP sought to “destroy or reject the election results by relying mainly on youth forces.”

The summary of the purported meeting pats the ruling party on the back for winning the popular vote because of its strong structure, control of the police and military police, and unspecified “help from outside,” and describes plans to counter the CNRP’s mobilisation efforts by diluting the opposition’s message on social media, and galvanising CPP supporters.

But it notes that “the influence of Facebook can topple the government through people power.”

CNRP spokesman Yim Sovann said he was unaware of the CWR but was unconcerned.

“The people have the right judgement,” he said. “We do not have to pay attention to false things like [propaganda]…. We have important things to do.”

Ein News

You Might Also Read: 

Facebook To Introduce Fake News Tools:

Is It Possible To Neutralise Fake News?:

 

« What Makes A Cyber Criminal?
How Cybercrime Affects The Healthcare Industry »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Information Security Group (ISG) - Royal Holloway

Information Security Group (ISG) - Royal Holloway

The Information Security Group, Royal Holloway, University of London, is an Academic Centres of Excellence in Cyber Security Research.

Law Enforcement Cyber Center (LECC)

Law Enforcement Cyber Center (LECC)

LECC is designed to assist police, digital forensic investigators, detectives, and prosecutors who are investigating and preventing crimes that involve technology.

Quantivate

Quantivate

Quantivate is a provider of web-based Governance, Risk, and Compliance (GRC) software and service solutions.

QuintessenceLabs

QuintessenceLabs

QuintessenceLabs offers a suite of Data Security technology, products and solutions to secure digital information in-transit, at-rest or in-use.

Entersekt

Entersekt

Entersekt is an innovator in push-based authentication and app security.

NetFort

NetFort

NetFort provides software products to monitor activity on virtual and physical networks.

Smokescreen

Smokescreen

Smokescreen's IllusionBLACK employs deception technology to detect, deflect and defeat advanced hacker attacks.

Sectigo

Sectigo

Sectigo is a leading cybersecurity provider of digital identity solutions, including TLS / SSL certificates, DevOps, IoT, and enterprise-grade PKI management, as well as multi-layered web security.

Sternum

Sternum

Sternum provides reliable and effective endpoint security for any IoT device, using robust technology and seamless integration.

Aergo

Aergo

Aergo offers an easier and more proven way to adopt blockchain and transform your business while building on your existing IT and cloud assets.

Lockheed Martin

Lockheed Martin

Lockheed Martin deliver full-spectrum cyber capabilities and cyber resilient systems to defense, intelligence community and global security customers.

Qrypt

Qrypt

Qrypt has developed the only cryptographic solution capable of securing information indefinitely with mathematical proof as evidence.

Comparitech

Comparitech

Comparitech strives to promote cyber security and privacy for all. We are committed to providing detailed information to help our readers become more cyber secure and cyber aware.

Triangle

Triangle

Triangle enable innovative business transformation by ensuring critical hybrid infrastructures are optimised, interoperable and secure.

TerraEagle

TerraEagle

Terraeagle is a boutique cyber security services company providing tailor-made solutions. Our core competency is in SOCaaS, MDRaaS & and Incident Response Retainer Services.

CyberSG TIG Centre

CyberSG TIG Centre

CyberSG TIG Centre aims to propel Singapore as the world’s premier cybersecurity innovation hub for economic growth.