All signs, including some compelling evidence, point to a determination that China has been busy waging cyber attacks against businesses, governments and even journalists in Southeast Asia and India in the past decade.
That's the claim of a new FireEye report that lists espionage and cyber spying incidents, carried out by a group called APT 30, against targets spread across Thailand, Malaysia, Vietnam, the Philippines, Nepal, Singapore, Indonesia and India starting in 2005. The security firm says the cyber attacks are all tied to gaining invaluable intellectual property.
"There's no smoking gun that shows this is a Chinese government operation, but all signs point to China," says FireEye's APAC CTO Bryce Boland. "There's huge intellectual property development in Asia - that's the new battleground."
Boland cited evidence gained during months of research, including an operating manual featuring code apparently created by China-based developers and a domain registration deemed suspicious.
FireEye's latest Threat Intelligence Report, "APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation," analyzed 200 different types of malware pushed at targets in India and Southeast Asia and describes the 10 years of attacks as part of a "regionally focused cyber espionage operation."
"We uncover a decade-long operation focused on targets - government and commercial - who hold key political, economic, and military information about the region," states the report's website.
The 10 years of targets, notes FireEye, offered insight into what the Chinese hackers were focused on.
"Their targets possess information that most likely serves the Chinese government's needs for intelligence about key Southeast Asian regional political, economic, and military issues, disputed territories, and discussions related to the legitimacy of the Chinese Communist Party," states the security firm.
FireEye says the attacks indicate sophistication, noting that air-gapped networks, which are deemed sensitive and mission critical, are offline to the threats, which came into play in 2006. Previous threats against the networks were initially thought to have been conducted by Russian cyber attackers in 2008 and 2009.
For its part, China has repeatedly denied any such activity and has claimed it has been the focus and subject of international cyber espionage. Hua Chunying, a foreign ministry spokeswoman, told media in late March that her country is "one of the major victims" of such Internet espionage attacks.