Chinese hackers, likely state-sponsored, have been broadly targeting government and private-sector organizations across Southeast Asia, including those closely involved with Beijing on infrastructure development projects, a report released on Wednesday by a US-based private cybersecurity company said.
Specific targets included the Thai prime minister’s office and the Thai army, the Indonesian and Philippine navies, Vietnam’s National Assembly and the central office of its Communist Party, and Malaysia’s Ministry of Defense, said Insikt Group, the threat research division of Massachusetts-based Recorded Future.
Insikt said it determined that the high-profile military and government organizations in Southeast Asia had been compromised over the past nine months by hackers using custom malware families such as FunnyDream and Chinoxy.
Those custom tools are not publicly available and are used by multiple groups believed to be sponsored by China, the group said.
The targeting also aligns with the political and economic goals of the Chinese government, bolstering the suspicion it is state-sponsored, Insikt said.
“We believe this activity is highly likely to be a state actor, as the observed long-term targeted intrusions into high-value government and political targets is consistent with cyberespionage activity, coupled with identified technical links to known Chinese state-sponsored activity,” it said.
The Chinese Ministry of Foreign Affairs did not immediately respond to a request for comment on the allegations.
In the past, Chinese authorities have consistently denied any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
Of the cyberintrusions it tracked, Insikt Group said Malaysia, Indonesia and Vietnam were the top three targeted countries. Also targeted were Myanmar, the Philippines, Laos, Thailand, Singapore and Cambodia.
All countries were notified in October of the findings, although it is thought that at least some of the activity is ongoing, the company said.
“Throughout 2021, Insikt Group tracked a persistent cyberespionage campaign targeting the prime minister’s offices, military entities, and government departments of rival South China Sea claimants Vietnam, Malaysia and the Philippines,” the company said. “Additional victims during the same period include organizations in Indonesia and Thailand.”
Much of that campaign was attributed to a group being tracked under the temporary identifier Threat Activity Group 16, or TAG-16, Insikt Group said.
“We also identified evidence suggesting that TAG-16 shares custom capabilities with the [Chinese] People’s Liberation Army-linked activity group RedFoxtrot,” the group said.
Overall, Insikt Group said it had identified more than 400 unique servers in Southeast Asia communicating with malware, but it was not clear what information had been compromised.