PHL government, private firms warned vs 'China malware' (Business Mirror (Philippines))

The Philippines is facing an advanced cyberthreat that is most likely backed by the Chinese government, an American network security company warned on Tuesday.

FireEye revealed in its recent intelligence report, APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation, that a cyber-espionage campaign has been targeting the state and business community in the country for almost a decade now.

The study, likewise, revealed that other Asean member-states, including Malaysia, Thailand and Vietnam, as well as India, have been consistently targeted by APT 30, a suspected China-sponsored advanced persistent threat (APT) group.

“Advanced threat groups like APT 30 illustrate that state-sponsored cyber espionage affects a variety of governments and organizations in the Philippines and Southeast Asia,” said Wias Issa, senior director at FireEye.

“Governments and businesses in the Philippines [and the rest of the region] face persistent, well-resourced threat actors,” he added.

Engaged in cyber spying since 2005, APT 30 is one of the longest-running APT groups that FireEye tracks, and it has deployed customized malware for use in specific campaigns targeting Asean members and others.

Of the 200 samples of its malware that were probed, some were found to be aimed at organizations in the Philippines.

Analysis conducted on APT 30’s malware also showed a methodical approach to software development akin to that of established technology businesses, an approach that aligns closely with the different diplomatic, political, media and private-sector environments they intended to breach.

Issa did not comment on the decade-long overlapping claims of the Philippines, Malaysia, Vietnam and China over the South China Sea. He said, however, that the study revealed that APT 30’s targets have information that could serve the Chinese government’s needs for intelligence about key Southeast Asian political, economic and military issues, disputed territories and discussions related to the legitimacy of the Chinese Communist Party.

“Broadly speaking, the issues in the region are things that the Chinese have expressed interest in, whether it be dissident issues or territorial disputes, maritime issues, or things along those lines. We suspect that; that’s why they are so interested in the Southeast Asian region,” he told the BusinessMirror.

He likewise raised concern about the protection of industries, particularly the media and entertainment sector, considering that 2014 saw a significant uptick in targeted attacks on members of the press who report on regional affairs and the Chinese government.

“We also see a lot of attacks against defense on industrial base. We see attacks against the financial sector, oil and gas explorations. They generally possess sensitive information that, if in the hands of the adversary, could provide them a competitive advantage,” he added.

Considering that APT 30’s attack tools, tactics and procedures (TTPs) have remained consistent since inception (a rare finding, as most APT actors adjust their TTPs regularly to evade detection), he pushed for immediate, concerted efforts toward a solution.

“There’s a number of measures and countermeasures an organization can take,” Issa said. “But I think awareness and education are the keys, and then understanding from a defense perspective. Companies, like FireEye, are well positioned to do that,” he stressed.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyberattacks.

These highly sophisticated cyberattacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus and gateways.

From July to December 2014, FireEye products detected malware used by APT groups and other actors targeting the networks of 29 percent and 27 percent of its customers in Southeast Asia and across the globe, respectively.
