Chinese hackers, likely state-sponsored, have been broadly targeting government and private-sector organizations across Southeast Asia, including those closely involved with Beijing on infrastructure development projects, a report released on Wednesday by a US-based private cybersecurity company said.
Specific targets included the Thai prime minister’s office and the Thai army, the Indonesian and Philippine navies, Vietnam’s National Assembly and the central office of its Communist Party, and Malaysia’s Ministry of Defense, said Insikt Group, the threat research division of Massachusetts-based Recorded Future.
Insikt said it determined that the high-profile military and government organizations in Southeast Asia had been compromised over the past nine months by hackers using custom malware families such as FunnyDream and Chinoxy.
Those custom tools are not publicly available and are used by multiple groups believed to be sponsored by China, the group said.
The targeting also aligns with the political and economic goals of the Chinese government, bolstering the suspicion it is state-sponsored, Insikt said.
“We believe this activity is highly likely to be a state actor, as the observed long-term targeted intrusions into high-value government and political targets is consistent with cyberespionage activity, coupled with identified technical links to known Chinese state-sponsored activity,” it said.
The Chinese Ministry of Foreign Affairs did not immediately respond to a request for comment on the allegations.
In the past, Chinese authorities have consistently denied any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
Of the cyberintrusions it tracked, Insikt Group said Malaysia, Indonesia and Vietnam were the top three targeted countries. Also targeted were Myanmar, the Philippines, Laos, Thailand, Singapore and Cambodia.
All countries were notified in October of the findings, although it is thought that at least some of the activity is ongoing, the company said.
“Throughout 2021, Insikt Group tracked a persistent cyberespionage campaign targeting the prime minister’s offices, military entities, and government departments of rival South China Sea claimants Vietnam, Malaysia and the Philippines,” the company said. “Additional victims during the same period include organizations in Indonesia and Thailand.”
Much of that campaign was attributed to a group being tracked under the temporary identifier Threat Activity Group 16, or TAG-16, Insikt Group said.
“We also identified evidence suggesting that TAG-16 shares custom capabilities with the [Chinese] People’s Liberation Army-linked activity group RedFoxtrot,” the group said.
Overall, Insikt Group said it had identified more than 400 unique servers in Southeast Asia communicating with malware, but it was not clear what information had been compromised.
A magnitude 7.0 earthquake struck off Yilan at 11:05pm yesterday, the Central Weather Administration (CWA) said. The epicenter was located at sea, about 32.3km east of Yilan County Hall, at a depth of 72.8km, CWA data showed There were no immediate reports of damage. The intensity of the quake, which gauges the actual effect of a seismic event, measured 4 in Yilan County area on Taiwan’s seven-tier intensity scale, the data showed. It measured 4 in other parts of eastern, northern and central Taiwan as well as Tainan, and 3 in Kaohsiung and Pingtung County, and 2 in Lienchiang and Penghu counties and 1
FOREIGN INTERFERENCE: Beijing would likely intensify public opinion warfare in next year’s local elections to prevent Lai from getting re-elected, the ‘Yomiuri Shimbun’ said Internal documents from a Chinese artificial intelligence (AI) company indicated that China has been using the technology to intervene in foreign elections, including propaganda targeting Taiwan’s local elections next year and presidential elections in 2028, a Japanese newspaper reported yesterday. The Institute of National Security of Vanderbilt University obtained nearly 400 pages of documents from GoLaxy, a company with ties to the Chinese government, and found evidence that it had apparently deployed sophisticated, AI-driven propaganda campaigns in Hong Kong and Taiwan to shape public opinion, the Yomiuri Shimbun reported. GoLaxy provides insights, situation analysis and public opinion-shaping technology by conducting network surveillance
‘POLITICAL GAME’: DPP lawmakers said the motion would not meet the legislative threshold needed, and accused the KMT and the TPP of trivializing the Constitution The Legislative Yuan yesterday approved a motion to initiate impeachment proceedings against President William Lai (賴清德), saying he had undermined Taiwan’s constitutional order and democracy. The motion was approved 61-50 by lawmakers from the main opposition Chinese Nationalist Party (KMT) and the smaller Taiwan People’s Party (TPP), who together hold a legislative majority. Under the motion, a roll call vote for impeachment would be held on May 19 next year, after various hearings are held and Lai is given the chance to defend himself. The move came after Lai on Monday last week did not promulgate an amendment passed by the legislature that
AFTERMATH: The Taipei City Government said it received 39 minor incident reports including gas leaks, water leaks and outages, and a damaged traffic signal A magnitude 7.0 earthquake struck off Taiwan’s northeastern coast late on Saturday, producing only two major aftershocks as of yesterday noon, the Central Weather Administration (CWA) said. The limited aftershocks contrast with last year’s major earthquake in Hualien County, as Saturday’s earthquake occurred at a greater depth in a subduction zone. Saturday’s earthquake struck at 11:05pm, with its hypocenter about 32.3km east of Yilan County Hall, at a depth of 72.8km. Shaking was felt in 17 administrative regions north of Tainan and in eastern Taiwan, reaching intensity level 4 on Taiwan’s seven-tier seismic scale, the CWA said. In Hualien, the
RSS