A file photo of a Vietnamese website allegedly attacked by Chinese hackers. Photo: Truong Son
A group of hackers based in China have attacked the websites of government agencies and leading companies in Vietnam and many other Southeast Asian countries to steal information for commercial and political purposes over the past decade, a new report said.
The findings were announced by US-owned network security company FireEye at a press conference in Hanoi on Monday.
It said the group, known as APT30, has employed a set of stealthy and continuous attacks collectively known as advanced persistent threat (APT), warning that their activities have been intensified recently.
They sent out different kinds of malware specific for various sectors like diplomacy, politics, military, business and media to get information.
Most of the compromised information was related to China, said Wias Issa, a senior director of FireEye.
He said the group's method and targets suggested that it was possibly backed by a government, but he did not reveal which government it could be.
So far, FireEye reported that it has discovered up to 200 malicious programs inflicted on regional sites, and all the software programs were developed on computers using Chinese keyboards.
It took the hackers only 10 minutes to penetrate a system, but their victims did not discover the attack until almost seven months later, it said.
In a report released early this year, FireEye said the APT groups in Southeast Asia "actively" targeted governments and military entities for insider information related to negotiations and political issues.
They were interested in topics related to the East Sea, internationally known as the South China Sea, it said, adding that the groups were "increasingly active" when political tension heightened.
For commercial purposes, the groups were believed to have stolen intellectual property from leading companies in the region and send information to Chinese companies which, in turn, could make use of it to bypass years of research and development costs.
The stolen intellectual property could also allow the Chinese companies to gain an edge over competitors from the region, according to the report.
In a comment on the new FireEye's findings, Nguyen Huy Dung, deputy director of the Department of Information Security under the Ministry of Information and Communications, said they should be treated as "reference information."
Foreign companies have invested interest when releasing such information because they want to sell their security products, he said.
Asked about his theories on those who could be behind such cyber attacks, the official said: "whoever they are, they are obviously acting against Vietnam's interest."