FireEye warns China's Belt and Road Initiative will spark uptick in cyber-espionage

News by Robert Abel

FireEye researchers are cautioning Malaysian organisations to be on the lookout for elevated cyber-espionage attacks that could result from China's Belt & Road Initiative.

FireEye researchers are cautioning Malaysian organisations to be on the lookout for elevated cyber-espionage attacks that could result from recent political developments concerning China's Belt & Road Initiative.

The "One Belt, One Road" or "Belt and Road Initiative" (BRI) is an ambitious, multi-year, US$1 trillion (£785 billion) endeavor to build land and maritime trade routes across Asia and parts of Africa into Europe to project China's influence across the greater region, according to an internal FireEye report provided to SC Media.

Researchers speculate the project will spawn cyber-espionage activity on regional governments along these trade routes and will likely include the emergence of new threat groups and nation-state actors considering the geopolitical interests that will be affected by the endeavor.

"Malaysia's new government has called for renegotiation of the terms of some Belt & Road projects, which is likely to generate some uncertainty in parties interested in the outcome of these projects and other regional developments," Sandra Joyce, vice president and head of global intelligence operations at FireEye. "We expect espionage activity against Malaysian organisations will increase in an attempt to gain insight into current events," said in a release prepared for the firm's customers.

Joyce added that Malaysian organisations both in the public and private sector should take steps to strategically manage their risk by understanding who their potential enemies are and how they would likely target them.

Researchers speculate threat actors may look to use announcements on BRI progress as lure material for phishing attacks and other future intrusions and have already witnessed indication of cyber-espionage activity in areas concerning the project is increasing from regional and unattributed actors.

Activity has been spotted from a threat group dubbed "Roaming Tiger" which primarily focuses on targets in the former Soviet Union, targeting Belarus.

In addition, researchers have also seen TOYSNAKE malware targeting European entities, BANECHANT malware targeting the Maldives, LITRECOLA malware targeting Cambodia, SAFERSING malware targeting international NGOs, and TEMP.Periscope targeting maritime industry.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events