Chinese cyberspies have targeted Cambodian government institutions, opposition party members, diplomats and media, possibly to gather information ahead of elections later this month, cybersecurity firm FireEye Inc said.
The hacks are suspected to come from a Chinese cyberespionage group known as TEMP.Periscope, a report by FireEye said.
The firm had previously linked the same group to attacks on targets including US engineering and defense companies with interests in the South China Sea.
The attacks come as Cambodian Prime Minister Hun Sen seeks re-election on July 29 in a campaign bereft of an effective opposition since the dissolution of the Cambodia National Rescue Party (CNRP) and the arrest of its leader Kem Sokha last year over accusations that he plotted with the US to overthrow the government.
The intrusions are the latest example of China’s willingness to use cybertools to obtain information at sensitive times when its interests are at stake: Chinese cyberspies targeted Taiwanese opposition parties during the 2015 presidential and legislative elections and earlier this year sought information from Japanese defense companies about Tokyo’s policy toward resolving the North Korean nuclear impasse.
“We expect this activity to provide the Chinese government with widespread visibility into Cambodian elections and government operations,” said Ben Read, senior manager of FireEye iSight Intelligence’s cyberespionage team in Reston, Virginia. “The compromises fit the overall MO of Chinese espionage in that they gather up all the information that they can.”
One target, Monavithya Kem, the daughter of Kem Sokha, became aware she was under attack from a phishing e-mail when she noticed its address was not from the human rights organization that was supposed to have sent it. She was in Washington at the time.
The e-mail was sent to FireEye, which traced it to one of three servers it believes is controlled by the Chinese hackers.
“Initially I thought it was from the ruling party, but it is very disturbing to know it is coming from a foreign entity,” said Monavithya Kem, a CNRP official who faces arrest if she returns to her country.
“I hope the Cambodian government will find this disturbing too and that they are reminded it’s important not to fall under the influence of one particular country, where our interests are compromised,” she said.
Under Hun Sen’s three-decade rule, China has become Cambodia’s single biggest donor and foreign investor, eclipsing the US as its top trading partner in 2014. Cambodia has become a key supporter of China’s interests in regional forums such as ASEAN.
Diplomats have long claimed China uses its sway over nations like Cambodia to limit criticism.
As well as opposition members, the Chinese spies targeted the Cambodian National Election Commission, Ministry of the Interior, Ministry of Foreign Affairs and International Cooperation, Ministry of Economics and Finance and the Senate, human rights groups and media organizations, FireEye said, adding that it has made these entities aware of the hacks.
Neither Cambodian government spokesman Phay Siphan nor the Ministry of Foreign Affairs responded to e-mails seeking comment.
TEMP.Periscope’s three servers are “open indexed,” which means that they are accessible to anyone on the public Internet, yielding a cache of information on the group’s objectives, operational tactics and technical information, Read said.
“This type of trade-craft mistake offers valuable insight into a group’s operations since, unlike data contained in spear phishes, malicious actors do not anticipate this data being analyzed by researchers,” Read said.
One of the IP addresses came from Hainan island, he added.
The Chinese Ministry of Foreign Affairs did not respond to faxed questions.
Fireye’s analysis of the servers showed that the group was mostly engaged in gathering and downloading information, and there was no evidence of tampering.
‘OBVIOUS DIFFERENCE’: The Wuhan Institute of Virology has been researching bat coronaviruses to trace the SARS pathogen, which is 80 percent similar to SARS-CoV-2 The Chinese virology institute in the city where COVID-19 first emerged has three live strains of bat coronavirus on-site, but none match the new contagion wreaking havoc around the world, its director has said. Scientists think COVID-19 — which first emerged in Wuhan and has killed more than 340,000 people worldwide — originated in bats and could have been transmitted to people via another mammal. However, the director of the Wuhan Institute of Virology told state broadcaster China Global Television Network that claims made by US President Donald Trump and others that the novel coronavirus could have escaped from the facility were
HUMAN RIGHTS ABUSES? An institute of the Chinese Ministry of Public Security and a company are to be sanctioned over ‘human rights violations and abuses’ The US Department of Commerce on Friday said that it would sanction a Chinese government institute and eight companies over alleged human rights abuses against Uighurs and other minorities in China’s western Xinjiang region. “These nine parties are complicit in human rights violations and abuses committed in China’s campaign of repression, mass arbitrary detention, forced labor and high-technology surveillance against Uighurs, ethnic Kazakhs and other members of Muslim minority groups in the Xinjiang Uighur Autonomous Region,” the department said in a statement. The Chinese Ministry of Public Security’s Institute of Forensic Science and Aksu Huafu Textiles Co are to be sanctioned “for
SPACE RACE: The China Aerospace Science and Technology Corp mission aims to land a robotic rover and put a probe into orbit around the planet China is targeting a July launch for its ambitious Mars mission, which includes landing a remote-controlled robot on the surface of the Red Planet, the company in charge of the project has said. Beijing has invested billions of dollars in its space program in an effort to catch up with its rival, the US, and affirm its status as a major world power. The Mars mission is among a number of new space projects China is pursuing, including putting Chinese astronauts on the moon and having a space station by 2022. Beijing had been planning the Mars mission for some time this year,
Former US vice president Joe Biden on Friday said he “should not have been so cavalier” after he told a radio host that African Americans who back US President Donald Trump “ain’t black.” In a call with the US Black Chamber of Commerce that was added to his public schedule, Biden said he would never “take the African American community for granted.” “I shouldn’t have been such a wise guy,” Biden said. “No one should have to vote for any party based on their race or religion or background.” Biden faced criticism after his comments earlier on Friday on The Breakfast Club, a