Cyber espionage attacks against foreign companies operating in Vietnam have been traced to a group of hackers “aligned with Vietnamese state interests,” according to a
report from cyber-security provi-der FireEye.
The attacks by the group — designated by FireEye as APT32 — have been conducted since at least 2014, mainly targeting companies operating in the manufacturing, consumer products and hospitality sectors, FireEye said in the report released. The group has also targeted foreign governments, dissidents and journalists, it said.
“The unauthorized access could serve as a platform for law enforcement, intellectual property theft, or anti-corruption measures that could ultimately erode the competitive advantage of targeted organizations,” the report said.
“The government of Vietnam does not allow any form of cyber-attacks against organizations or individuals,” Ministry of Foreign Affairs spokeswoman Le Thi Thu Hang said in an email. “All cyber-attacks or threats to cybersecurity, must be condemned and severely punished in accordance with regulations and laws.”
The report comes as a new wave ransom threats hit more than 200,000 computers in at least 150 countries, affecting companies and government agencies from the US to Europe to Asia.
The malware used a technique purportedly stolen from the US National Security Agency.
APT32 conducted the attacks by leveraging files that use social-engineering methods to entice victims, FireEye said.
The file then downloads malicious payloads from remote servers, with further attacks delivered via “phishing” emails, it said.
The group is also targeting security, technology infrastructure and consultancy companies, FireEye said, adding that APT32 continues to threaten political activism and free speech in Southeast Asia and the public sector worldwide.
“Governments, journalists, and members of the Vietnam diaspora may continue to be targeted,” the report said.