Researchers uncover massive Chinese spying campaign

Researchers uncover massive Chinese spying campaign
© Getty Images

China’s cyber spying efforts go much further in Asia than previously thought, security researchers said Monday.

Hackers who appear to be sponsored by the Chinese government have conducted a decadelong campaign to monitor Southeast Asian governments and businesses online, Internet security company FireEye said in a new report.


The ongoing activity is focused on targets that hold “key political, economic and military information about the region,” and includes companies in India, the firm said.

“Such a sustained, planned development effort coupled with the [hacking] group’s regional targets and mission, lead us to believe that this activity is state-sponsored — most likely the Chinese government,” the report’s authors said.

FireEye acknowledged that there is no “smoking gun” that links the campaign to Beijing but said the professionalism of the hacking effort suggests it is sponsored by a government.

The attacks involve more than 200 variations of malware injected via spam and spear phishing emails, as well as tools to break into systems that are not connected to the Internet.

The efforts to crack so-called “air-gapped” networks are notable because the Chinese hackers were developing that capability as early as 2005, prior to attempts by other hacking groups.

China denies that it uses its vast abilities in cyberspace to spy on governments or companies.

Still, security researchers are making great strides in understanding exactly how Beijing conducts espionage and targets adversaries online.

Last week, experts identified an offensive Chinese cyber tool they dubbed the “Great Cannon” that can shape Internet traffic into cyberattacks against certain websites.

This program, separate from the country’s firewall, was used to attack GitHub, a U.S. coding site, researchers said.