Chinese cyberspies have targeted Cambodian government institutions, opposition party members, diplomats and media, possibly to gather information ahead of elections later this month, cybersecurity firm FireEye Inc said.
The hacks are suspected to come from a Chinese cyberespionage group known as TEMP.Periscope, a report by FireEye said.
The firm had previously linked the same group to attacks on targets including US engineering and defense companies with interests in the South China Sea.
The attacks come as Cambodian Prime Minister Hun Sen seeks re-election on July 29 in a campaign bereft of an effective opposition since the dissolution of the Cambodia National Rescue Party (CNRP) and the arrest of its leader Kem Sokha last year over accusations that he plotted with the US to overthrow the government.
The intrusions are the latest example of China’s willingness to use cybertools to obtain information at sensitive times when its interests are at stake: Chinese cyberspies targeted Taiwanese opposition parties during the 2015 presidential and legislative elections and earlier this year sought information from Japanese defense companies about Tokyo’s policy toward resolving the North Korean nuclear impasse.
“We expect this activity to provide the Chinese government with widespread visibility into Cambodian elections and government operations,” said Ben Read, senior manager of FireEye iSight Intelligence’s cyberespionage team in Reston, Virginia. “The compromises fit the overall MO of Chinese espionage in that they gather up all the information that they can.”
One target, Monavithya Kem, the daughter of Kem Sokha, became aware she was under attack from a phishing e-mail when she noticed its address was not from the human rights organization that was supposed to have sent it. She was in Washington at the time.
The e-mail was sent to FireEye, which traced it to one of three servers it believes is controlled by the Chinese hackers.
“Initially I thought it was from the ruling party, but it is very disturbing to know it is coming from a foreign entity,” said Monavithya Kem, a CNRP official who faces arrest if she returns to her country.
“I hope the Cambodian government will find this disturbing too and that they are reminded it’s important not to fall under the influence of one particular country, where our interests are compromised,” she said.
Under Hun Sen’s three-decade rule, China has become Cambodia’s single biggest donor and foreign investor, eclipsing the US as its top trading partner in 2014. Cambodia has become a key supporter of China’s interests in regional forums such as ASEAN.
Diplomats have long claimed China uses its sway over nations like Cambodia to limit criticism.
As well as opposition members, the Chinese spies targeted the Cambodian National Election Commission, Ministry of the Interior, Ministry of Foreign Affairs and International Cooperation, Ministry of Economics and Finance and the Senate, human rights groups and media organizations, FireEye said, adding that it has made these entities aware of the hacks.
Neither Cambodian government spokesman Phay Siphan nor the Ministry of Foreign Affairs responded to e-mails seeking comment.
TEMP.Periscope’s three servers are “open indexed,” which means that they are accessible to anyone on the public Internet, yielding a cache of information on the group’s objectives, operational tactics and technical information, Read said.
“This type of trade-craft mistake offers valuable insight into a group’s operations since, unlike data contained in spear phishes, malicious actors do not anticipate this data being analyzed by researchers,” Read said.
One of the IP addresses came from Hainan island, he added.
The Chinese Ministry of Foreign Affairs did not respond to faxed questions.
Fireye’s analysis of the servers showed that the group was mostly engaged in gathering and downloading information, and there was no evidence of tampering.
A coronavirus-free tropical island nestled in the northern Pacific might seem the perfect place to ride out a pandemic, but residents on Palau said that life right now is far from idyllic. The microstate of 18,000 people is among a dwindling number of places on Earth that still report zero cases of COVID-19 as figures mount daily elsewhere. The disparate group also includes Samoa, Turkmenistan, North Korea and bases on the frozen continent of Antarctica. A dot in the ocean hundreds of kilometers from its nearest neighbors, Palau is surrounded by the vast Pacific Ocean, which has acted as a buffer against the
Dutch scientists have found the coronavirus in a city’s wastewater before COVID-19 cases were reported, demonstrating a novel early warning system for the disease. SARS-CoV-2 — the virus that causes COVID-19 — is often excreted in an infected person’s stool. Although it is unlikely that sewage will become an important route of transmission, the pathogen’s increasing circulation in communities would increase the amount of it flowing into sewer systems, Gertjan Medema and colleagues at the KWR Water Research Institute in Nieuwegein said on Monday. They detected genetic material from the coronavirus at a wastewater treatment plant in Amersfoort on March 5, before
TRUE TOLL? Some Chinese are skeptical about official data, particularly given the overwhelmed medical system and initial attempts to cover up the outbreak The long lines and stacks of urns greeting family members of the dead at funeral homes in Wuhan, China, are spurring questions about the true scale of casualties at the epicenter of the COVID-19 outbreak, renewing pressure on a Chinese government struggling to control its containment narrative. The families of those who succumbed to the coronavirus in the city, where the disease first emerged, were allowed to pick up their cremated ashes at eight funeral homes last week. As they did, photographs circulated on Chinese social media of thousands of urns being ferried in. Outside one funeral home, trucks shipped in about 2,500
KEEN INTEREST: India is trying to procure medical gear from domestic producers and abroad, and China has emerged as a possible supplier as its factories reopen India is to buy ventilators and masks from China to help it deal with COVID-19, a government official said yesterday, even though some countries in Europe had complained about the quality of the equipment. India has recorded 1,251 cases of the coronavirus, with 32 deaths, but health experts said the country of 1.3 billion people could see a major surge in cases that could overwhelm its weak public health system. Indian Prime Minister Narendra Modi’s government said that it was trying to procure medical gear, including masks and body coveralls, both from domestic firms and from countries such as South Korea and