MNCs in Vietnam Targeted by Government-Linked Hackers: FireEye

Advertisement
By Reuters | Updated: 16 May 2017 18:25 IST
MNCs in Vietnam Targeted by Government-Linked Hackers: FireEye

Hackers either working for the Vietnamese government or on their behalf have broken into the computers of multinationals operating in the country as part of an increasingly sophisticated cyber-espionage campaign, cyber-security company FireEye said.

Nick Carr, senior manager of FireEye's Mandiant Incident Response team, said in an interview the same group was also responsible for hacking into the computers of Vietnamese dissidents and journalists.

He said it was impossible to identify or locate the hackers precisely or confirm they were working for the Vietnamese government, but the information they sought would be of very little use to any other party.

What Is WannaCry, Who Is Affected, and Everything Else You Need to Know About It

The attacks are unrelated to the WannaCry ransomware worm that has ravaged computers around the world since Friday.

Advertisement

"All the activity we have seen is of interest to the nation of Vietnam," Carr said in a phone interview ahead of Monday's publication of a FireEye report on hacking in Vietnam.

Advertisement

The government rejected the accusation.

"The government of Vietnam does not allow any form of cyber-attacks against organisations or individuals," said foreign ministry spokeswoman Le Thi Thu Hang. "All cyber-attacks or threats to cyber-security must be condemned and severely punished in accordance with regulations and laws."

Advertisement

Carr said FireEye had observed the group, which it called APT32, targeting foreign corporations with interests in Vietnam's manufacturing, consumer products and hospitality sectors since 2014.

In several cases, he said, the hackers sought information about the companies' operations and their adherence to local regulations, something he had rarely seen other hacker groups attempt.

Victims included a German manufacturing company about to build a factory in Vietnam, a Chinese hotel developer planning to expand its operations in the country, and the local office of a British-based global consulting firm.

He said in most cases the companies were household names. He declined to identify them, citing client confidentiality. Executives, human resources and finance staff were targeted, he said.

WannaCry Ransomware: Researchers See North Korea Link to Global Cyber-Attacks

First time
The report marks the first time a cybersecurity company has pointed to Vietnam as the source of state-motivated cyber-attacks. It is also the first time FireEye had assigned the label APT - standing for advanced persistent threat, a term usually reserved for state-sponsored hacker groups - to a group outside China and Russia.

Robert Trong Tran, who directs PwC (PricewaterhouseCoopers) cyber-security services business in Vietnam, said before the publication of the report that he was not aware of any cases of European companies being hacked.

PwC declined to comment on the FireEye report.

Amanuel Flobbe, chairman of the Vietnam European Chamber of Commerce's Information and Communications Technologies committee, said that while European companies in Vietnam had been damaged by hackers, it was no different to hacks seen elsewhere.

Vietnam has long been vulnerable to hacking, both criminal and politically motivated. In January, Microsoft listed it behind only Mongolia of countries infected with malware, with more than double the worldwide average.

Carr said the hackers "could do a lot of damage or could have a lot of impact on the organisations' competitive advantage, their ability to successfully navigate investigations and regulations."

In the case of the German manufacturer, he said, "one would suspect the timing isn't coincidental and the government has an unfair advantage."

The same group was responsible for earlier attacks on local and foreign journalists, as well as dissidents and the Vietnamese diaspora in Australia and Southeast Asia, he said.

It was the same group that Chinese cybersecurity company SkyEye Labs called OceanLotus in 2015, Carr said.

SkyEye, a part of Internet company Qihoo 360, wrote that the group was behind attacks on Chinese government agencies, research institutes and companies. It did not identify Vietnam as the source of the attacks.

SkyEye did not respond to requests for comment.

Carr said that his own research confirmed it was the same group, but that he didn't have any recent evidence that APT32 continued to target China.

The group is also linked to attacks on journalists, activists, dissidents and bloggers in Vietnam reported by the Electronic Frontier Foundation in 2013. It has also targeted Vietnamese overseas and broke into the computers of a Western national parliament, Carr wrote in the report.

Vietnamese media organisations have also been targeted, he said.

© Thomson Reuters 2017

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Wannacry, Cyber Security, Cyber Attack, Internet, Wannacry Ransomware, Ransomware, North Korea, US, Vietnam, Qihoo 360
Samsung Galaxy S8, Galaxy S8+ Units Reportedly Sold 5 Million Units Since Launch
Google I/O 2017 Keynote: Watch Live
Advertisement

Related Stories

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Here's How Much the Vivo X Fold 5 and Vivo X200 FE Might Cost in India
  2. Tecno Pova 7 5G, Pova 7 Pro 5G Launched in India: Price, Availability
  3. OTT Releases This Week: Kaalidhar Laapata, Thug Life, The Good Wife, and More
  4. Samsung Galaxy Z Fold 7 Hands-On Images Suggest It Might Sport This Design
  5. Oppo Reno 14 Pro First Impressions
  6. Tecno Spark 40 Pro+, Spark 40 Pro and Spark 40 Launched: All Details
  7. The Good Wife OTT Release Date: When and Where to Watch it Online?
  8. Apple Plans to Launch M5-Powered MacBook Pro This Year: Report
  9. Boult FluidX, FluidX Pro Debut in India With Up to 70 Hours Battery Life
  10. Tecno Pova 7 5G Series Launching Today: All You Need to Know
#Latest Stories
  1. Tecno Pova 7 5G, Pova 7 Pro 5G Launched in India With MediaTek Dimensity 7300 Ultimate SoC
  2. Google Pixel 6a Owners Eligible for $100 Cash or $150 Store Credit Under Battery Performance Programme
  3. Meta AI Chatbots Will Soon Send Users Proactive Follow-Up Messages to Boost Engagement: Report
  4. Android 16’s Live Updates to Show Active Navigation, Ongoing Phone Calls, and More on Lock Screen
  5. Helldivers 2 is Coming to Xbox Series S/X Next Month, Pre-Orders Now Live
  6. Vivo X Fold 5, Vivo X200 FE Price in India Leaked Ahead of Debut on July 14
  7. Samsung Galaxy Z Fold 7 Design Spotted in Leaked Hands-On Images Ahead of July 9 Launch
  8. iPhone 17 Pro Max Could Get a Battery Upgrade Over Its Predecessor; May ‘Reach’ 5,000mAh Capacity
  9. Apple MacBook Pro With M5 Chip to Launch This Year; 15 Mac Computers in Development: Report
  10. Tecno Pova 7 5G Series Launching Today: Expected Features and Specifications
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.