Chinese cyber spies have been attacking Southeast Asia for a long time. It is high time that ASEAN and Southeast Asian governments find an effective way of plugging the existing technological loophole.
By Umair Jamal
A telecom firm in the Philippines recently hired the services of a United States-based cybersecurity firm to shore up its defenses against the potential threats of spying by China.
It became the latest in a string of Southeast Asian corporations to have engaged a cybersecurity firm to strengthen its online defense systems.
There are reports that Beijing-led cyber espionage operations are targeting government officials and other state infrastructures across Southeast Asia. Those reports claim China is employing various methods to increase its intelligence operations in the region, including engaging human spies, using bots, hacking and buying information.
The growth of China’s spying infrastructure in Southeast Asia presents a credible threat to the region’s security. It is therefore high time that ASEAN comes up with a plan to plug this loophole. Otherwise, it risks Beijing being able to listen in on government conversations.
A window into China’s cyber espionage operations in Southeast Asia?
In July, a Singapore national pled guilty to spying for Chinese intelligence agencies and faces at least 10 years in prison. Jun Wei Yeo, a former PhD candidate at the Lee Kuan Yew School of Public Policy, admitted to establishing a fake consultancy firm on LinkedIn to cultivate ties with the US and Southeast Asian military and government officials.
Reportedly, hackers from China have been spying on governments and businesses in Southeast Asia for more than a decade. According to a report from internet security company FireEye, China’s cyber espionage operations date back to 2005 or earlier and “focused on targets—government and commercial—who hold key political, economic and military information about the region.”
“Such a sustained, planned development effort coupled with the [hacking] group’s regional targets and mission, lead us to believe that this activity is state-sponsored – most likely the Chinese government,” warned the report’s authors.
In 2011, McAfee researchers reported that a campaign with links to China named Shady Rat attacked Asian governments, including the ASEAN Secretariat. According to another report, China has been running at least six different cyber espionage campaigns in the Southeast Asian region since 2013. Indonesia, Myanmar, Taiwan and Vietnam are reportedly the main targets of these operations.
Chinese hackers have also been targeting universities in both the US and Southeast Asia in an attempt to gain access to maritime military secrets. Beijing may be spying on Southeast Asian governments to steal documents and planning related to activity in the South China Sea. In any case, this doesn’t bode well for the region’s security.
What tools and methodologies has Beijing used?
In an attempt to get the upper hand in the information game, China has deployed many hacking techniques and tools, including selling its artificial intelligence (AI) technologies to Southeast Asian nations. For instance, China recently installed an AI-powered surveillance system in Manila, the capital of the Philippines.
China funded the project, valued at US$400 million, as part of its Belt and Road Initiative and both Huawei and China International Telecommunication and Construction Corporation (CITCC) worked on the project. This example showcases how, as Hugh Harsono wrote in The Diplomat, “China is utilizing artificial intelligence, among other technology, to gain a foothold in foreign security and communication systems.”
There are other examples of Chinese software running some of the region’s call centers and managing government databases. Beijing’s spies have also been using other sources such as LinkedIn to gain access to classified documents and information. For instance, in 2017, Germany’s intelligence agency claimed that Chinese intelligence officials had used LinkedIn to target at least 10,000 Germans.
In an attempt to target Southeast Asia, a group of Chinese hackers named APT 30 have developed malware which is capable of stealing data from highly secure air-gapped networks. “APT 30 was particularly interested in the activities of the 10-member Association of Southeast Asian Nations (ASEAN) in order to gain insights into Southeast Asia political dynamics,” noted Franz-Stefan Gady in The Diplomat while referring to the 2015 Fire Eye report.
What can ASEAN do to address the challenges?
The evidence suggests ASEAN and Southeast Asian governments remain vulnerable to China’s cyberattacks. So far, there has been no concerted, strategic effort by ASEAN to put in place cyber defenses. While ASEAN has long recognized the need for having an effective cyber defense system, “very little has come of this discourse,” said Miguel Gomez, a researcher at De La Salle University in the Philippines, speaking to Reuters.
This is even despite evidence that China-based hackers have not only attacked Southeast Asian governments but ASEAN as well. The spread of disinformation and Beijing’s cyberattacks on Southeast Asia have hastened due to the COVID-19 pandemic. This escalation in activity means that ASEAN may have to ask for help from countries with more expertise.
The US has previously pledged to help build ASEAN’s cyber capabilities and help foster regional cooperation among member states on cybersecurity. With or without outside assistance, it is high time that ASEAN develops a system capable of protecting its cyberspace. Otherwise, the region’s security will be at the mercy of Beijing’s cyber spies.