Hackers, most likely from China, have been spying on governments and businesses in Southeast Asia and India uninterrupted for a decade, researchers at internet security company FireEye said.
In a report released on Monday, FireEye said the cyber-espionage operations dated back to at least 2005 and “focused on targets government and commercial who hold key political, economic and military information about the region.”
“Such a sustained, planned development effort coupled with the hacking group’s regional targets and mission, lead us to believe that this activity is state-sponsored most likely the Chinese government,” the report’s authors said.
Bryce Boland, chief technology officer for Asia Pacific at FireEye and co-author of the report, said the attack was still ongoing, noting that the servers the attackers used were still operational, and that FireEye continued to see attacks against its customers, who number among the targets.
China has always denied accusations that it uses the internet to spy on governments, organisations and companies. Neither the Foreign Ministry nor the Cyberspace Administration of China, the internet regulator, immediately responded to written requests for comment on the FireEye report on Monday.
China has been accused before of targeting countries in South and Southeast Asia. In 2011, researchers from McAfee reported a campaign dubbed Shady Rat which attacked Asian governments and institutions, among other targets.
Efforts by the 10-member Association of Southeast Asian Nations (ASEAN) to build cyberdefences have been sporadic. While ASEAN has long acknowledged its importance, “very little has come of this discourse,” said Miguel Gomez, a researcher at De La Salle University in the Philippines.
The problem is not new: Singapore has reported sophisticated cyber-espionage attacks on civil servants in several ministries dating back to 2004.