China’s Cyber Attacks on Governments and Corporates in Asia

Uploaded on 2015-04-16 in INTELLIGENCE--International, INTELLIGENCE-Hot Spots-China, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

fireeye_PRWEEK_600x400-20150414050236139.png

 

The Chinese government is accused of being behind a newly discovered set of cyber attacks waged against government agencies, corporate companies and journalists across India and Southeast Asia over the past ten years.

Security firm FireEye released a report today revealing a spate of corporate espionage and cyber spying offenses against targets located in India, Malaysia, Vietnam, Thailand, Nepal, Singapore, Philippines, Indonesia and beyond. The group said attacks began in 2005.

“There’s no smoking gun that shows this is a Chinese government operation, but all signs point to China” FireEye’s APAC CTO Bryce Boland told TechCrunch in an interview. “There’s huge intellectual property development in Asia, that’s the new battleground.”

Boland referenced several pieces of evidence collected by FireEye following “months” of research. In particular, the existence of an operating manual written in Chinese, a code base that was seemingly developed by Chinese developers, and a related domain registered to a suspicious ‘tea company’ in rural China, all imply Chinese involvement.
FireEye’s report caps a rough few days of media coverage for China’s Internet strategy. China put on a (falsely) friendly front when hosted the World Internet Conference last year, but increasingly we hear about its efforts to police the web. Last week, Citizen Lab issued a report detailed Great Canon, a new technology that allows the Chinese government to take down websites — like Github.com — using a worryingly direct and offensive approach.
Of course, it is possible that the attacks highlighted by FireEye were not run directly by the state, and instead by a professional espionage agency, which may have sold secrets to Chinese corporates or even the government itself. Actors are very often a few degrees removed, and concrete evidence is hard to find.

All in all, FireEye detected more than 200 distinction variations of malware developed by the group. The fact that these attacks remained undetected for so long is troubling given the sensitivity of the targets, but there is a positive. Boland explained that because the infrastructure of the attacks had been able to remain similar for years, it isn’t difficult to check on potential compromises and take action if needed.
FireEye shared its report with certain intelligence agencies worldwide in advance of making it public. Though Boland declined to be more specific about exactly which ones had been contacted, he did confirm that FireEye does not provide details of its intelligence or reports to the Chinese government.

Techcrunch

« NSA’s Plan to Snowden-Proof Data Using the Cloud
Russia's Cyber Attacks Grow More Brazen »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CERT.at

CERT.at

CERT.at is the Austrian national Computer Emergency Response Team.

NNIT

NNIT

NNIT​ is one of Denmark’s leading consultancies in IT development, implementation and operations, including cyber security.

QA

QA

QA is a leading IT training provider in the UK with over 1,500 courses covering all areas of IT including Cyber Security.

Zerocopter

Zerocopter

Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.

42Gears

42Gears

42Gears is a leading Unified Endpoint Management provider. Secure, monitor and manage tablets, phones, desktops and wearables.

Belden

Belden

Belden is a global leader in signal transmission and security solutions for mission-critical applications in enterprise and industrial markets. Belden brands include Hirschmann and Tofino Security.

SHIELD

SHIELD

SHIELD is an established end-to-end fraud management solution that blocks fraudulent activities such as account takeovers, fake accounts creation, fraudulent payments, loyalty fraud and more.

eLearnSecurity

eLearnSecurity

eLearnSecurity is an innovator in the IT Security training market providing quality online courses paired with highly practical virtual labs.

Protocol Labs

Protocol Labs

Protocol Labs is a research, development, and deployment institution for improving Internet technology.

Char49

Char49

Char49 specialize in Penetration Testing, Red Team Assessment, Social Engineering and Security Research.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

Techstep

Techstep

Techstep is a complete mobile technology enabler, making positive changes to the world of work; freeing people to work more effectively, securely and sustainably.

Rhymetec

Rhymetec

Rhymetec are an industry leader in cloud security, providing innovative cybersecurity and data privacy services to the modern-day SaaS business.

Avatar Managed Services

Avatar Managed Services

Avatar offers proven, process driven IT support to companies who want to utilize their technology to their best advantage.

Anetac

Anetac

Developed by seasoned cybersecurity experts, the Anetac Identity and Security Platform protects threat surface exploited via service accounts.

SUCCESS Computer Consulting

SUCCESS Computer Consulting

SUCCESS Computer Consulting is a leader in managed IT and security services for small and medium-sized businesses in Minneapolis, St. Paul, and the surrounding Twin Cities Metro area.