Cyberattackers have been caught hacking key Cambodian government institutions in what is strongly believed to be a coordinated Chinese government attack ahead of elections set for this month, a U.S. cybersecurity firm has alleged. Cambodia’s National Election Committee, Senate, Ministry of Foreign Affairs, Ministry of Interior, and Ministry of Economy and Finance have all been breached, along with computer systems of foreign diplomats, media institutions and opposition figures, an investigation by FireEye Inc. concluded. “We expect this activity to provide the Chinese government with widespread visibility into Cambodian elections and government operations,” the firm said in a report issued Tuesday. “Additionally, this group is clearly able to run several large-scale intrusions concurrently across a wide range of victim types.”
Cambodians head to the polls on July 29 in elections that follow last year’s dissolution of the opposition Cambodia National Rescue Party (CNRP), the only viable contender to the ruling Cambodian People’s Party (CPP).
FireEye discovered that a suite of malicious software, or malware, that they had tracked since 2013 had been deployed against Cambodian political targets since at least April 2017, including numerous members of the CNRP.
The malware suite — TEMP.Periscope — was carelessly left on publicly accessible servers, allowing FireEye to observe its logs, which revealed “objectives, operational tactics, and a significant amount of technical attribution-validation.”
Full Article: China Accused of Hacking Cambodian Government Institutions.