Is the Chinese government behind a decade-long cyber espionage campaign?

Southeast Asia the target

China stands accused of backing a decade-long cyber warfare campaign waged against various government agencies, corporations and journalists across Southeast Asia.

A report from FireEye says the company has evidence that might point to Chinese state involvement in the corporate espionage and cyber spying campaign, although FireEye's APAC CTO Bryce Boland told TechCrunch there's "no smoking gun" pointing to direct involvement.

Boland instead mentions various pieces of evidence that FireEye has collected over a number of months, including an operating manual written in Chinese, a code base developed by Chinese developers and a domain name registered to a suspicious "tea company" in China.

The biggest clue, however, concerns the targets of the campaign.

"Their targets possess information that most likely serves the Chinese government's needs for intelligence about key Southeast Asian regional political, economic, and military issues, disputed territories, and discussions related to the legitimacy of the Chinese Communist Party," FireEye added.

Air-gapped networks attacked

APT (Advanced Persistent Threat) 30, as FireEye has named the group, has created over 200 different variations of malware, some of which were used to carry out attacks against air-gapped networks (sensitive systems kept offline for security reasons) as early as 2006. This is concerning given that previous data indicated the first instances of such attacks were by Russian attackers in 2008 and 2009.

It's thought that two developers were working on the back-end tools for the attack operators, with one other developing the attack tools themselves. Boland went on to admit that even though the developers have devised a sophisticated plan, the infrastructure of the attacks has remained the same for years, making it fairly straightforward to take action to negate any potential damage.

FireEye has shared its information with a range of intelligence agencies across the world, and although it didn't confirm which countries have received the information, China is not one that has been given it.