Chinese hackers, likely state-sponsored, have been broadly targeting government and private-sector organizations across Southeast Asia, including those closely involved with Beijing on infrastructure development projects, a report released on Wednesday by a US-based private cybersecurity company said.
Specific targets included the Thai prime minister’s office and the Thai army, the Indonesian and Philippine navies, Vietnam’s National Assembly and the central office of its Communist Party, and Malaysia’s Ministry of Defense, said Insikt Group, the threat research division of Massachusetts-based Recorded Future.
Insikt said it determined that the high-profile military and government organizations in Southeast Asia had been compromised over the past nine months by hackers using custom malware families such as FunnyDream and Chinoxy.
Those custom tools are not publicly available and are used by multiple groups believed to be sponsored by China, the group said.
The targeting also aligns with the political and economic goals of the Chinese government, bolstering the suspicion it is state-sponsored, Insikt said.
“We believe this activity is highly likely to be a state actor, as the observed long-term targeted intrusions into high-value government and political targets is consistent with cyberespionage activity, coupled with identified technical links to known Chinese state-sponsored activity,” it said.
The Chinese Ministry of Foreign Affairs did not immediately respond to a request for comment on the allegations.
In the past, Chinese authorities have consistently denied any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
Of the cyberintrusions it tracked, Insikt Group said Malaysia, Indonesia and Vietnam were the top three targeted countries. Also targeted were Myanmar, the Philippines, Laos, Thailand, Singapore and Cambodia.
All countries were notified in October of the findings, although it is thought that at least some of the activity is ongoing, the company said.
“Throughout 2021, Insikt Group tracked a persistent cyberespionage campaign targeting the prime minister’s offices, military entities, and government departments of rival South China Sea claimants Vietnam, Malaysia and the Philippines,” the company said. “Additional victims during the same period include organizations in Indonesia and Thailand.”
Much of that campaign was attributed to a group being tracked under the temporary identifier Threat Activity Group 16, or TAG-16, Insikt Group said.
“We also identified evidence suggesting that TAG-16 shares custom capabilities with the [Chinese] People’s Liberation Army-linked activity group RedFoxtrot,” the group said.
Overall, Insikt Group said it had identified more than 400 unique servers in Southeast Asia communicating with malware, but it was not clear what information had been compromised.
CHAOS: Iranians took to the streets playing celebratory music after reports of Khamenei’s death on Saturday, while mourners also gathered in Tehran yesterday Iranian Supreme Leader Ayatollah Ali Khamenei was killed in a major attack on Iran launched by Israel and the US, throwing the future of the Islamic republic into doubt and raising the risk of regional instability. Iranian state television and the state-run IRNA news agency announced the 86-year-old’s death early yesterday. US President Donald Trump said it gave Iranians their “greatest chance” to “take back” their country. The announcements came after a joint US and Israeli aerial bombardment that targeted Iranian military and governmental sites. Trump said the “heavy and pinpoint bombing” would continue through the week or as long
TRUST: The KMT said it respected the US’ timing and considerations, and hoped it would continue to honor its commitments to helping Taiwan bolster its defenses and deterrence US President Donald Trump is delaying a multibillion-dollar arms sale to Taiwan to ensure his visit to Beijing is successful, a New York Times report said. The weapons sales package has stalled in the US Department of State, the report said, citing US officials it did not identify. The White House has told agencies not to push forward ahead of Trump’s meeting with Chinese President Xi Jinping (習近平), it said. The two last month held a phone call to discuss trade and geopolitical flashpoints ahead of the summit. Xi raised the Taiwan issue and urged the US to handle arms sales to
BIG SPENDERS: Foreign investors bought the most Taiwan equities since 2005, signaling confidence that an AI boom would continue to benefit chipmakers Taiwan Semiconductor Manufacturing Co’s (TSMC, 台積電) market capitalization swelled to US$2 trillion for the first time following a 4.25 percent rally in its American depositary receipts (ADR) overnight, putting the world’s biggest contract chipmaker sixth on the list of the world’s biggest companies by market capitalization, just behind Amazon.com Inc. The site CompaniesMarketcap.com ranked TSMC ahead of Saudi Aramco and Meta Platforms Inc. The Taiwanese company’s ADRs on Tuesday surged to US$385.75 on the New York Stock Exchange, as strong demand for artificial intelligence (AI) applications led to chip supply constraints and boost revenue growth to record-breaking levels. Each TSMC ADR represents
State-run CPC Corp, Taiwan (CPC, 台灣中油) yesterday said that it had confirmed on Saturday night with its liquefied natural gas (LNG) and crude oil suppliers that shipments are proceeding as scheduled and that domestic supplies remain unaffected. The CPC yesterday announced the gasoline and diesel prices will rise by NT$0.2 and NT$0.4 per liter, respectively, starting Monday, citing Middle East tensions and blizzards in the eastern United States. CPC also iterated it has been reducing the proportion of crude oil imports from the Middle East and diversifying its supply sources in the past few years in response to geopolitical risks, expanding
RSS