[ad_1]
Chinese cyber-spies targeted Cambodian government institutions, opposition party members, diplomats and the media, likely to gather information ahead of this month's elections, according to FireEye's cybersecurity firm Inc.
According to a report by FireEye, the cyber espionage group known as TEMP.Periscope had already linked the same group to attacks against US engineering and defense companies with interests in the sea from South China. himself.
The attacks occur while the prime minister of Asia, Hun Sen, seeks to be re-elected on July 29 in a campaign devoid of effective opposition since the dissolution of the Cambodian National Rescue Party and the US. arrest of his leader Kem Sokha last year. accusations that he plotted with the United States to overthrow the government.
The intrusions are the latest example of China's willingness to use computer tools to obtain information at tricky times when its interests are at stake: Chinese cyber-spies target Taiwanese opposition parties in the 2015 presidential and legislative elections Japanese defense companies on the Tokyo policy aimed at resolving the North Korean nuclear stalemate.
"We expect this activity to give the Chinese government wide visibility on Cambodian elections and government operations," said Ben Read, director of the FireEye iSIGHT Intelligence cyber-espionage team at Reston, in Virginia. "The tradeoffs correspond to the overall OM of Chinese espionage in that they gather all the information they can."
A target, Monemithya Kem, daughter of Kem Sokha, was made aware that she was being attacked by a so-called phishing email when she noticed that her address did not come from her. 39, organization of the rights of the man who was supposed to have sent her. Kem was in Washington at the time. The e-mail was sent to FireEye, who traced it to one of three servers that he said are being controlled by Chinese hackers.
"At first I thought it was coming from the party in power, but it is very disturbing to know that it comes from a foreign entity," said Kem, a CNRP official who is at risk. Be arrested if she returned to her country. "I hope that the Cambodian government will find this equally disturbing and that we will remind them that it is important not to fall under the influence of a particular country, where our interests are compromised. "
Under the three-decade rule of Hun Sen, China became the largest donor and foreign investor to Cambodia overshadowed the United States as the largest trading partner in 2014. Cambodia has become a key advocate of interests of China in regional forums such as the Association of Southeast Asian Nations. Diplomats have long claimed that China is using its influence on nations like Cambodia to limit criticism.
In addition to opposition members, Chinese spies targeted the National Electoral Commission of Cambodia, the Ministry of the Interior, the Ministry of Foreign Affairs and International Cooperation, the Ministry of the Interior, and the Ministry of the Interior. 39, Economy and Finance and the Senate. , who said that he made these entities aware of the hacks.
Neither Cambodian government spokesman Phay Siphan nor the Ministry of Foreign Affairs replied to e-mails for comment.
The three TEMP.Periscope servers had been "openly indexed", which meant that they were accessible to everyone on the public Internet, providing a cache of information about objectives, operational tactics and technical information of the group, according to Read.
"This type of craft mistake offers a valuable insight into a group's operations since, unlike the data contained in spear phishes, malicious actors do not expect these data to be analyzed by researchers" said Read. One of the IP addresses came from Hainan Island, he said.
The Chinese Ministry of Foreign Affairs did not reply to questions sent by fax.
The analysis of Fireye on the servers had shown that the group was mainly engaged in the collection and downloading of information, and that there was no evidence of falsification.
Mandiant, a unit of FireEye, alleged in 2013 that the Chinese military might have been behind a group that had hacked at least 141 companies worldwide since 2006. The United States have issued indictments against five alleged military members of this group. . – Bloomberg
[ad_2]
Source link
