Cyber espionage, decoy documents, East Asian computer geniuses – sounds a lot like a Hollywood spy thriller. Unfortunately it is not.
A Singapore firm has uncovered a large-scale cyber espionage network closely linked to the Chinese government. It has been active for 10 years in the region and has been targeting India in particular.
Chinese hackers are infecting computer systems of key individuals and organisations in India. The Singapore firm, FireEye, has termed the group APT30 and says the infection targets the Indian military, aerospace and maritime sectors.
Singapore researchers have uncovered the modus operandi of the spying network. Evidently, hackers are sending decoy documents that users would download or read in their emails. These decoy documents contain malware that can transmit data from the infected computer system back to networks in China. The malware has the ability to hide in the computer and even attack systems not connected to a network.
The decoy documents are specially tailored to meet the interests of individuals and organisations that are targeted – these can include government agencies, private industry and media groups.
Chinese hackers used decoy documents on Indian military movements in the South China Sea, papers on the indigenous aircraft carrier under construction in Kochi, incidents on the China border and relations with Nepal to infect key military individuals and organisations.
The types of decoy documents sent are as follows:
Decoy documents on China’s relationship with India, especially on military matters.
Documents related to Indian military projects, like the aircraft carrier being built at Kochi.
Documents also relate to foreign relations in the region, including Bhutan and Nepal.
If this were a Hollywood film, this is about the time a Jason Bourne-type figure would infiltrate the Chinese government and take down the hackers' lair, trumpeting the heroism of the Indian state. Unfortunately, such drastic steps will not be taken.