Since January there have been raids from Vietnam against Chinese government sites. The Ministry of Emergency Management and Wuhan Municipality are targeted. A group known as APT32, active since 2012, behind the cyberattack. Experts believe there are links to the Hanoi government or the Vietnamese Communist Party.
Hanoi (AsiaNews / Agencies) - Targeted attacks since last January against Chinese government sites, to harvest useful information to counter the imminent spread of the new coronavirus in the country.
According to some experts, there are (also) hackers behind the strategy implemented by Hanoi in the fight against Covid-19, which unlike Europe and the United States - and other Asian nations - has proven successful in terms of containment.
Cyber security expert FireEye reported that "suspected Vietnamese APT32 agents launched a series of intrusion operations against Chinese targets [...] to gather intelligence about the crisis" from January to April. The ministry for emergency management and the municipality of Wuhan are targeted. Hanoi's reply was immediate, speaking through the spokesman of the Ministry of Foreign Affairs Ngo Toan Thang talking about "unfounded accusations". However, doubts remain.
APT32 first emerged in the news in 2012, with a series of attacks on Chinese, then Vietnamese and Philippine entities. In 2016, another episode confirmed a targeted operation by the group "serving Vietnamese state interests". In a report published in May of the following year, FireEye speaks of "cyber espionage group, aligned with" Hanoi.
In November last year, when the first signs of atypical pneumonia emerged in Wuhan, some governments including the United States and Vietnam itself deployed intelligence agencies to collect information and trace a possible extent of the pandemic. And what impact it would have on their respective countries, considering the traditional lack of transparency on the part of the Chinese government which kept essential information hidden until at least the end of January.
Analysts and experts believe it is plausible that the Vietnamese government has mandated several agencies to collect information on the new coronavirus. Targeted messages on the net, posts on Weibo (the Chinese Facebook), blogs and online information sites. Vietnam would also have had access to "confidential" intelligence messages through routine links and exchanges.
FireEye's first analysis shows that on January 6, computer agents in the pay of Hanoi hacked into Chinese government sites. These attacks continued without interruption for the first three months of the year, reinforced by the omissions and lack of transparency shown in the early stages of the pandemic from Beijing.
Developments in recent weeks lead experts to believe that APT32 is, in reality, a unit of the Vietnamese ministry of communications and information or another department. Regardless of the ministry of reference, for analysts it is an emanation of the government or the leaders of the Communist Party of Vietnam.