During the lead-up to the recent legislative elections in Hong Kong, two government agencies in the country had been targeted by cyberespionage agents from China in a politically-motivated attack during August, a cybersecurity firm stated.
A Chinese hacking group has been accused of targeting multiple Hong Kong government agencies with cyberespionage operations in politically motivated attacks, according to U.S. cybersecurity firm iSIGHT, a unit of FireEye Inc,.
Dubbed APT 3 (Advanced Persistent Threat), the hacking group has, according to iSIGHT president John Watters speaking to Bloomberg, targeted the Hong Kong agencies with spear-phishing attacks. The malware-laden emails were sent in what was “certainly” a politically motivated attack, Watters said, due to the targets involved.
While Watters refused to confirm if APT 3 was a state-sponsored or linked hacking group, he revealed that the firm had informed Hong Kong authorities of incidents during at least three separate occasions.
One of the emails used during the attacks included a report on election results with a hyperlink to a compromised sub-domain that contained the malware. This malware would then have the means to infiltrate the computer from which the malicious sub-domain was accessed, before compromising other networks that the computer is connected to.
Hong Kong’s Past and Future Intertwined with China
Hong Kong’s 2016 elections saw a record 2.2 million people turn up as calls for further political autonomy or even outright independence from China resonate throughout the country. Beijing’s continued influence over Hong Kong after the latter was handed back to China from Great Britain in 1997, has been among the key campaign issues this year, where voters will select lawmakers for the 70-seat Legislative council.
Watters believes that the cyberespionage operation was triggered out of a need to gain information on Hong Kong’s political affairs.
What it appears to be is an opportunity to gain information without having the transparency of having to make a request. If you want to know what someone’s thinking, would you rather read their diary or hear their prepared remarks?
In a statement, the office for information of the Hong Kong government confirmed that it had been informed of the attacks, with “relevant security measures” enforced to block the suspicious e-mails. The office added:
So far, there is no security incident report from the two concerned departments.
The targeted departments or the stolen information, if any, haven’t been revealed or verified.
Images from Shutterstock.