MNCs in Vietnam Targeted by Government-Linked Hackers: FireEye

Advertisement
By Reuters | Updated: 16 May 2017 18:25 IST
MNCs in Vietnam Targeted by Government-Linked Hackers: FireEye

Hackers either working for the Vietnamese government or on their behalf have broken into the computers of multinationals operating in the country as part of an increasingly sophisticated cyber-espionage campaign, cyber-security company FireEye said.

Nick Carr, senior manager of FireEye's Mandiant Incident Response team, said in an interview the same group was also responsible for hacking into the computers of Vietnamese dissidents and journalists.

He said it was impossible to identify or locate the hackers precisely or confirm they were working for the Vietnamese government, but the information they sought would be of very little use to any other party.

What Is WannaCry, Who Is Affected, and Everything Else You Need to Know About It

The attacks are unrelated to the WannaCry ransomware worm that has ravaged computers around the world since Friday.

"All the activity we have seen is of interest to the nation of Vietnam," Carr said in a phone interview ahead of Monday's publication of a FireEye report on hacking in Vietnam.

Advertisement

The government rejected the accusation.

"The government of Vietnam does not allow any form of cyber-attacks against organisations or individuals," said foreign ministry spokeswoman Le Thi Thu Hang. "All cyber-attacks or threats to cyber-security must be condemned and severely punished in accordance with regulations and laws."

Advertisement

Carr said FireEye had observed the group, which it called APT32, targeting foreign corporations with interests in Vietnam's manufacturing, consumer products and hospitality sectors since 2014.

In several cases, he said, the hackers sought information about the companies' operations and their adherence to local regulations, something he had rarely seen other hacker groups attempt.

Advertisement

Victims included a German manufacturing company about to build a factory in Vietnam, a Chinese hotel developer planning to expand its operations in the country, and the local office of a British-based global consulting firm.

He said in most cases the companies were household names. He declined to identify them, citing client confidentiality. Executives, human resources and finance staff were targeted, he said.

WannaCry Ransomware: Researchers See North Korea Link to Global Cyber-Attacks

First time
The report marks the first time a cybersecurity company has pointed to Vietnam as the source of state-motivated cyber-attacks. It is also the first time FireEye had assigned the label APT - standing for advanced persistent threat, a term usually reserved for state-sponsored hacker groups - to a group outside China and Russia.

Robert Trong Tran, who directs PwC (PricewaterhouseCoopers) cyber-security services business in Vietnam, said before the publication of the report that he was not aware of any cases of European companies being hacked.

PwC declined to comment on the FireEye report.

Amanuel Flobbe, chairman of the Vietnam European Chamber of Commerce's Information and Communications Technologies committee, said that while European companies in Vietnam had been damaged by hackers, it was no different to hacks seen elsewhere.

Vietnam has long been vulnerable to hacking, both criminal and politically motivated. In January, Microsoft listed it behind only Mongolia of countries infected with malware, with more than double the worldwide average.

Carr said the hackers "could do a lot of damage or could have a lot of impact on the organisations' competitive advantage, their ability to successfully navigate investigations and regulations."

In the case of the German manufacturer, he said, "one would suspect the timing isn't coincidental and the government has an unfair advantage."

The same group was responsible for earlier attacks on local and foreign journalists, as well as dissidents and the Vietnamese diaspora in Australia and Southeast Asia, he said.

It was the same group that Chinese cybersecurity company SkyEye Labs called OceanLotus in 2015, Carr said.

SkyEye, a part of Internet company Qihoo 360, wrote that the group was behind attacks on Chinese government agencies, research institutes and companies. It did not identify Vietnam as the source of the attacks.

SkyEye did not respond to requests for comment.

Carr said that his own research confirmed it was the same group, but that he didn't have any recent evidence that APT32 continued to target China.

The group is also linked to attacks on journalists, activists, dissidents and bloggers in Vietnam reported by the Electronic Frontier Foundation in 2013. It has also targeted Vietnamese overseas and broke into the computers of a Western national parliament, Carr wrote in the report.

Vietnamese media organisations have also been targeted, he said.

© Thomson Reuters 2017

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo X200 FE Launched in India With 6,500mAh Battery, Compact Design
  2. Realme 15 Pro 5G Display, Battery Details Confirmed Ahead of India Launch
  3. iQOO Z10R India Launch Teased; May Get MediaTek Dimensity 7400 SoC
  4. Amazon Prime Day Sale 2025 Highlights: Top Last-Minute Deals on Day 3
  5. Samsung Galaxy S25 FE Key Specifications Leaked: All Details
  6. Amazon Prime Day Sale: Best Deals on Photography Cameras and Accessories
  1. OpenAI Says Its Open-Source Reasoning AI Model Is Delayed Indefinitely
  2. iPhone 17 Series Colour Options Spotted via Leaked Lens Protection Covers
  3. Samsung Galaxy F36 5G Confirmed to Launch Soon in India: All Details
  4. Samsung Galaxy S26+ or Galaxy S26 Edge May Launch With 50-Megapixel Ultrawide Camera
  5. Qualcomm Working On New Snapdragon SW6100 SoC for Wearables: Report
  6. Google Said to Be Adding a Search Bar to Gemini’s Android App
  7. Shubhanshu Shukla Bids Farewell from ISS, Honours India’s Space Legacy
  8. Realme 15 Pro 5G Display, Battery, Charging Features Revealed Ahead of July 24 India Launch
  9. Apple Smart Home Hub Launch Delayed to 2026: Mark Gurman
  10. Google Working On New AI Feature for Gboard to Improve Voice Typing Feature: Report
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.