|
More than 200 malwares specifically designed by APT30 had been found active in computers placed in important government and commercial entities in Viet Nam so far. — Illustrative image/ Photo Ictnews |
HA NOI (Biz Hub) — A decade-long cyber espionage operation for stealing sensitive information from India and several ASEAN countries, including Viet Nam, was discovered by American security firm FireEye.
In a workshop on the newly released report, entitled APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation, held in Ha Noi on Monday, FireEye detailed how the threat group APT30 constantly organised attacks on thousands of computers, one at a time, to collect sensitive data from Asian countries, notably Viet Nam, Thailand, South Korea, India and Malaysia.
The report by FireEye said APT30 took a special interest in political developments in Southeast Asia and India, and is particularly active at the time of ASEAN summits, regional issues and territorial disputes between China, India and Southeast Asian countries.
More than 200 malwares specifically designed by APT30 had been found active in computers placed in important government and commercial entities in Viet Nam so far.
|
FireEye detailed how the threat group APT30 constantly organised attacks on thousands of computers, one at a time, to collect sensitive data from Asian countries, notably Viet Nam, Thailand, South Korea, India and Malaysia. —Photo ictnews
|
Journalists also were a target of APT30 should they report stories on the status of the Chinese economy, advanced technology, corruption and human rights, besides territorial disputes on land and the sea as well as national defence and military forces, FireEye said.
Such an espionage operation by APT30 was traced as far back as 2005, with attack tools, tactics and operational methods remaining coherent and unchanged in the past decade. This was deemed unusual compared to other threat groups as they refreshed themselves from time to time to avoid being detected, FireEye Senior Director for Asia-Pacific region Wias Issa said.
He said one possible reason why APT30 did not change to new cyber infrastructure might be that it did not feel the need to do so, and that meant the group's stealth activities had not been discovered in the last ten years.
Regarding the motive of the threat group, FireEye said there was a high chance Beijing was behind the espionage operation due to the massive involvement of China in the sensitive data acquired by APT30 and other technical traces that pointed to Beijing. — VNS