Chinese hackers, likely state-sponsored, have been broadly targeting government and private-sector organizations across Southeast Asia, including those closely involved with Beijing on infrastructure development projects, a report released on Wednesday by a US-based private cybersecurity company said.
Specific targets included the Thai prime minister’s office and the Thai army, the Indonesian and Philippine navies, Vietnam’s National Assembly and the central office of its Communist Party, and Malaysia’s Ministry of Defense, said Insikt Group, the threat research division of Massachusetts-based Recorded Future.
Insikt said it determined that the high-profile military and government organizations in Southeast Asia had been compromised over the past nine months by hackers using custom malware families such as FunnyDream and Chinoxy.
Those custom tools are not publicly available and are used by multiple groups believed to be sponsored by China, the group said.
The targeting also aligns with the political and economic goals of the Chinese government, bolstering the suspicion it is state-sponsored, Insikt said.
“We believe this activity is highly likely to be a state actor, as the observed long-term targeted intrusions into high-value government and political targets is consistent with cyberespionage activity, coupled with identified technical links to known Chinese state-sponsored activity,” it said.
The Chinese Ministry of Foreign Affairs did not immediately respond to a request for comment on the allegations.
In the past, Chinese authorities have consistently denied any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
Of the cyberintrusions it tracked, Insikt Group said Malaysia, Indonesia and Vietnam were the top three targeted countries. Also targeted were Myanmar, the Philippines, Laos, Thailand, Singapore and Cambodia.
All countries were notified in October of the findings, although it is thought that at least some of the activity is ongoing, the company said.
“Throughout 2021, Insikt Group tracked a persistent cyberespionage campaign targeting the prime minister’s offices, military entities, and government departments of rival South China Sea claimants Vietnam, Malaysia and the Philippines,” the company said. “Additional victims during the same period include organizations in Indonesia and Thailand.”
Much of that campaign was attributed to a group being tracked under the temporary identifier Threat Activity Group 16, or TAG-16, Insikt Group said.
“We also identified evidence suggesting that TAG-16 shares custom capabilities with the [Chinese] People’s Liberation Army-linked activity group RedFoxtrot,” the group said.
Overall, Insikt Group said it had identified more than 400 unique servers in Southeast Asia communicating with malware, but it was not clear what information had been compromised.
ANTI-SHIP CONFIGURATION: The Tuo Chiang-class vessels are to be built for NT$9.7 billion by Lung Teh, a shipyard that previously built four similar corvettes for the navy The Ministry of National Defense on Wednesday awarded Lung Teh Shipbuilding (龍德造船) a NT$9.7 billion Co (US$317.57 million) contract to build five Tuo Chiang-class corvettes with anti-ship capabilities, a defense official familiar with the matter said yesterday. The corvettes would carry vertical launchers for four Hsiung Feng II (HF-2) missiles, as well as eight Hsiung Feng III (HF-3) anti-ship missiles, in contrast to ships configured for anti-air warfare, which carry eight HF-2 and four HF-3 missiles, the official said, speaking on condition of anonymity. The anti-ship corvettes would be armed for improved standoff range against surface combatants and carry the latest
PARTIAL SUPPORT: Morris Chang said he agrees with the US’ goal to slow advances of China’s chip sector, but US policies that might boost chip prices perplex him Washington’s efforts to on-shore semiconductor production might lead to surges in chip prices and supply bottlenecks, Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) founder Morris Chang (張忠謀) said yesterday. The 91-year-old industry veteran said he supports parts of Washington’s effort to slow China’s progress on advanced chip manufacturing. China is still six years behind Taiwan in making advanced chips, despite years-long efforts to catch up, Chang told a Commonwealth Magazine forum that he coheadlined with Tufts University assistant professor Chris Miller, an expert on the US-China rivalry’s effects on chip manufacturing. However, Chang said that other parts of the effort, particularly Washington’s on-shoring
‘COINCIDENCE’: The former president should keep in mind local and global response to his actions and abide by the law to safeguard national interests, the MAC said The Presidential Office yesterday confirmed that it has received an application from former president Ma Ying-jeou (馬英九) to visit China next week and would be discussing his security detail. “As the travel restrictions on former president Ma have expired, we respect his plan to pay respect to his ancestors in China,” Presidential Office spokeswoman Lin Yu-chan (林聿禪) said. “We will review his travel plan and consult concerned agencies to assist him in arranging his security detail.” “We also hope that Ma, as a former commander in chief of Taiwan, acts in a manner that aligns with national interests and does not hurt
‘WRONG DECISION’: Honduras should carefully consider the situation, and not fall into China’s trap and jeopardize the bilateral friendship, the foreign ministry said The Ministry of Foreign Affairs yesterday said that it had expressed “grave concern” to the government of Honduras after Honduran President Xiomara Castro on Tuesday wrote on Twitter that it would pursue official diplomatic relations with China. In addition to issuing a statement, Vice Minister of Foreign Affairs Alexander Yui (俞大㵢) summoned Honduran Ambassador to Taiwan Harold Burgos to the ministry in Taipei early yesterday to voice the government’s concerns. The meeting lasted about 20 minutes and Burgos did not make any public comments upon arriving at the ministry. Burgos said shortly after noon that he had not yet heard from his country’s
RSS