Chinese cyberspies have targeted Cambodian government institutions, opposition party members, diplomats and media, possibly to gather information ahead of elections later this month, cybersecurity firm FireEye Inc said.
The hacks are suspected to come from a Chinese cyberespionage group known as TEMP.Periscope, a report by FireEye said.
The firm had previously linked the same group to attacks on targets including US engineering and defense companies with interests in the South China Sea.
The attacks come as Cambodian Prime Minister Hun Sen seeks re-election on July 29 in a campaign bereft of an effective opposition since the dissolution of the Cambodia National Rescue Party (CNRP) and the arrest of its leader Kem Sokha last year over accusations that he plotted with the US to overthrow the government.
The intrusions are the latest example of China’s willingness to use cybertools to obtain information at sensitive times when its interests are at stake: Chinese cyberspies targeted Taiwanese opposition parties during the 2015 presidential and legislative elections and earlier this year sought information from Japanese defense companies about Tokyo’s policy toward resolving the North Korean nuclear impasse.
“We expect this activity to provide the Chinese government with widespread visibility into Cambodian elections and government operations,” said Ben Read, senior manager of FireEye iSight Intelligence’s cyberespionage team in Reston, Virginia. “The compromises fit the overall MO of Chinese espionage in that they gather up all the information that they can.”
One target, Monavithya Kem, the daughter of Kem Sokha, became aware she was under attack from a phishing e-mail when she noticed its address was not from the human rights organization that was supposed to have sent it. She was in Washington at the time.
The e-mail was sent to FireEye, which traced it to one of three servers it believes is controlled by the Chinese hackers.
“Initially I thought it was from the ruling party, but it is very disturbing to know it is coming from a foreign entity,” said Monavithya Kem, a CNRP official who faces arrest if she returns to her country.
“I hope the Cambodian government will find this disturbing too and that they are reminded it’s important not to fall under the influence of one particular country, where our interests are compromised,” she said.
Under Hun Sen’s three-decade rule, China has become Cambodia’s single biggest donor and foreign investor, eclipsing the US as its top trading partner in 2014. Cambodia has become a key supporter of China’s interests in regional forums such as ASEAN.
Diplomats have long claimed China uses its sway over nations like Cambodia to limit criticism.
As well as opposition members, the Chinese spies targeted the Cambodian National Election Commission, Ministry of the Interior, Ministry of Foreign Affairs and International Cooperation, Ministry of Economics and Finance and the Senate, human rights groups and media organizations, FireEye said, adding that it has made these entities aware of the hacks.
Neither Cambodian government spokesman Phay Siphan nor the Ministry of Foreign Affairs responded to e-mails seeking comment.
TEMP.Periscope’s three servers are “open indexed,” which means that they are accessible to anyone on the public Internet, yielding a cache of information on the group’s objectives, operational tactics and technical information, Read said.
“This type of trade-craft mistake offers valuable insight into a group’s operations since, unlike data contained in spear phishes, malicious actors do not anticipate this data being analyzed by researchers,” Read said.
One of the IP addresses came from Hainan island, he added.
The Chinese Ministry of Foreign Affairs did not respond to faxed questions.
Fireye’s analysis of the servers showed that the group was mostly engaged in gathering and downloading information, and there was no evidence of tampering.
BACKLASH: The National Party quit its decades-long partnership with the Liberal Party after their election loss to center-left Labor, which won a historic third term Australia’s National Party has split from its conservative coalition partner of more than 60 years, the Liberal Party, citing policy differences over renewable energy and after a resounding loss at a national election this month. “Its time to have a break,” Nationals leader David Littleproud told reporters yesterday. The split shows the pressure on Australia’s conservative parties after Prime Minister Anthony Albanese’s center-left Labor party won a historic second term in the May 3 election, powered by a voter backlash against US President Donald Trump’s policies. Under the long-standing partnership in state and federal politics, the Liberal and National coalition had shared power
CONTROVERSY: During the performance of Israel’s entrant Yuval Raphael’s song ‘New Day Will Rise,’ loud whistles were heard and two people tried to get on stage Austria’s JJ yesterday won the Eurovision Song Contest, with his operatic song Wasted Love triumphing at the world’s biggest live music television event. After votes from national juries around Europe and viewers from across the continent and beyond, JJ gave Austria its first victory since bearded drag performer Conchita Wurst’s 2014 triumph. After the nail-biting drama as the votes were revealed running into yesterday morning, Austria finished with 436 points, ahead of Israel — whose participation drew protests — on 357 and Estonia on 356. “Thank you to you, Europe, for making my dreams come true,” 24-year-old countertenor JJ, whose
NO EXCUSES: Marcos said his administration was acting on voters’ demands, but an academic said the move was emotionally motivated after a poor midterm showing Philippine President Ferdinand Marcos Jr yesterday sought the resignation of all his Cabinet secretaries, in a move seen as an attempt to reset the political agenda and assert his authority over the second half of his single six-year term. The order came after the president’s allies failed to win a majority of Senate seats contested in the 12 polls on Monday last week, leaving Marcos facing a divided political and legislative landscape that could thwart his attempts to have an ally succeed him in 2028. “He’s talking to the people, trying to salvage whatever political capital he has left. I think it’s
A documentary whose main subject, 25-year-old photojournalist Fatima Hassouna, was killed in an Israeli airstrike in Gaza weeks before it premiered at Cannes stunned viewers into silence at the festival on Thursday. As the cinema lights came back on, filmmaker Sepideh Farsi held up an image of the young Palestinian woman killed with younger siblings on April 16, and encouraged the audience to stand up and clap to pay tribute. “To kill a child, to kill a photographer is unacceptable,” Farsi said. “There are still children to save. It must be done fast,” the exiled Iranian filmmaker added. With Israel
RSS