Chinese government sponsored hackers have been spying on governments and businesses in Southeast Asia and India for at least a decade, researchers from internet security company FireEye have revealed.
According to FireEye’s new threat intelligence report, dubbed ‘APT30 and the Mechanics of a Long-Running Cyber Espionage Operation,’ APT30, a group of China-based hackers, have been systematically stealing “sensitive information” since 2005, targeting governments, corporations and journalists with key political, economic and military information involving China.
“The malware revealed a decade-long operation, focused on targets – government and commercial – that hold key political, economic, and military information about the region,” read the report, co-authored by Bryce Boland, chief technology officer for Asia Pacific at FireEye.
“Such a sustained, planned development effort coupled with the (hacking) group’s regional targets and mission, lead us to believe that this activity is state-sponsored – most likely the Chinese government,” Boland noted.
“[APT30’s] targets possess information that most likely serves the Chinese government’s needs for intelligence about key Southeast Asian regional political, economic, and military issues, disputed territories, and discussions related to the legitimacy of the Chinese Communist Party.”
Boland wrote that the attacks were still going on, also stating that servers the attackers used are still operational.
China has denied any involvement in the alleged cyber attacks.
“I want to stress that the Chinese government resolutely bans and cracks down on any hacking acts. This position is clear and consistent. Hacking attacks are a joint problem faced by the international community and need to be dealt with cooperatively rather than via mutual censure,” Foreign ministry spokesman Hong Lei told Reuters.