In a report released on May 25, FireEye, a security firm, pointed out that APT30, a group of Chinese hackers, have been hacking websites in Vietnam and ASEAN countries over the last 10 years with the aim of stealing political, diplomatic, economic and military information.
As many as 200 malicious codes used by APT30 to attack important Vietnamese organizations.
Wias Issa, a senior executive of FireEye, said APT30 used a professional method used at tech firms to develop malware, designed specifically to approach different political, diplomatic, business and journalism sectors. ATP30 does not aim to steal businesses’ intellectual property or advanced technologies.
FireEye noted that ATP30 is highly qualified, enduring and it might be funded by a government.
The same tools of attack, tactics and the ways of carrying out operations have been used by ATP30 from the beginning.
Meanwhile, most hackers change their tactics regularly to avoid detection. ATP30 is also believed to use one infrastructure system only over the last decade.
In late May, 1,000 Vietnamese websites were hacked in by 1937cn, another group of Chinese hackers. The intentional attacks mostly targeted websites of schools, science & technology development firms, maritime firms, and quality measurement companies which store important data.
The majority of the hacked websites were fixed by June 3. However, some websites of educational organizations (with the domain name of ‘.edu.vn’) were still inaccessible, or had been changed completely.
The latest report from Kaspersky showed that Chinese hackers have been targeting governmental, military and civil organizations in Vietnam and countries which have disputes with China about territorial waters.
The report mentioned a group of Chinese hackers called ‘Naikon’, which specializes in launching attacks targeting civil and military organizations in South East Asian countries and Nepal.
The method Naikon mostly uses is sending emails with attached files containing malware. If users carelessly open the emails, their systems will get infected with hackers’ viruses.
Vietnamese analysts pointed out that Vietnam is passive in cyberwar. The victims discovered the attacks only after they occurred and then tried to fix the problems. Meanwhile, they did not take measures to prevent the attacks and minimize the damage caused by the attacks.
Ngo Tran Vu from VNISA (Vietnam Information Security Association) noted that Vietnamese institutions and businesses do not allocate appropriate budgets for information security solutions. In general, small organizations do not have staff in charge of information security, but rely on service provider hosts.
NLD