Dubai: Are government offices and military organisations losing sensitive data to Chinese hackers?
According to a new report, Chinese-speaking hackers called “Naikon” have been infiltrating the computers of top-level government agencies and civil and military organisations in countries around the South China Sea in the last few years.
Computer security company Kaspersky Lab said that the hackers have spent the last five years successfully cracking state-run organisations in many countries including the Philippines, Indonesia, Nepal, Malaysia, Singapore, Vietnam, Myanmar, Thailand, Laos and China.
The hackers appear to speak Chinese and target mainly top-level government agencies and military organisations. Those that have been infiltrated include the Office of the President, military forces, Office of the Cabinet Secretary, National Security Council, Office of the Solicitor General, Department of Justice and Federal Police, among others.
The attackers have penetrated their targets through spear-phishing techniques, by sending emails with attachments designed to be of interest to the potential victim.
“The criminals behind the Naikon attacks managed to devise a very flexible infrastructure that can be set up in any target country, with information tunneling from victim systems to the command centre. If the attackers then decide to hunt down another target in another country, they could simply set up a new connection,” said Kurt Baumgartner, principal security researcher, the Global Research and Analysis Team, Kaspersky Lab.
Kaspersky’s report did not mention whether or not the computer intrusion is part of an effort to steal sensitive data or to show that governments’ security systems are weak.
The company, however, advised that organisations can protect themselves against the threat by being extra careful with emails, especially the ones that are sent by strangers.
“Don’t open attachments and links from people you don’t know. Use an advanced anti-malware solution. If you are unsure about the attachment, try to open it in a sandbox,” Kaspersky advised.
“Make sure you have an up-to-date version of your operating system with all patches installed.”
