Skip to the content
W.Media
  • Home
  • Company
  • Conventions
  • Digital Events
  • Contact Us
  • Home
  • Company
  • Conventions
  • Digital Events
  • Awards
  • Contact Us
  • Tech News
  • Forum
  • Tech News
  • Digital Week
search
×

Check Point uncovers cyber espionage operation targeting governments in Asia Pacific

Published 13 May 2020

0 comments

stuart-crowley
W.media | editor
Share on Facebook Share
Share on TwitterTweet
Share on LinkedIn Share

Cybersecurity specialists at Check Point have uncovered an ongoing cyber espionage operation targeting several government bodies in Asia Pacific.

The Advanced Persistent Threat group known as Naikon used a new backdoor attack named Aria-body. This allowed hackers, who are believed to be based in China, to bypass security measures and gain remote access to a victims’ network.

The APT group targeted Southeast Asian government ministries in Indonesia, the Philippines, Vietnam and Thailand to spy on them, gain sensitive geo-political information and exploit diplomatic relations between departments.

The Manager of Threat Intelligence at Check Point, Lotem Finkelstein, said: “Naikon attempted to attack one of our customers by impersonating a foreign government.”

Check Point’s investigation of the cyber espionage operation began when they found a malicious email was sent from a government diplomat, thought to be from the Indonesian embassy in Canberra, to the government of Western Australia. 

When this email was opened, the victim’s device downloads Aria-body from servers used by Naikon.

Naikon was able to evade detection by impersonating government officials in emails using victims’ servers as command and control centers to launch new attacks. Researchers found one server belonged to the Philippines’ Department of Science and Technology.

Naikon was thought to have gone silent since ThreatConnect and Defense Group exposed them in 2015, until Check Point discovered they have been active for the past five years and even accelerated their activities this year.

In the past, Naikon was known as one of the most active APTs in Asia, attacking attacking civil and military organisations around the South China Sea.

Mr Finkelstein said: “We’ve published this research as a warning and resource for any government entity to better spot Naikon’s or other hacker group’s activities.”

This warning is particularly pertinent for governments to heed. Thailand recently approved funding for a Government Data Center and Cloud service, which must have strong cybersecurity protocols to avoid vulnerabilities that could be exploited by hackers.

To remain secure, government’s should advise staff to check emails carefully, manage user privileges, monitor and analyse logs, and make sure you’re only downloading files from trusted sites.

Receive the latest news.

We'll keep you in the loop.

Great! now press

Featured Articles


How China’s Data Center Industry is likely to shape up in 2021


Socomec energises Singapore with a powerful UPS training course


Back To Tech News

More Articles

Palo Alto Networks unveils new Singapore cloud location

Palo Alto Networks, a global cybersecurity leader, has... Read More

Delta completes first Uptime certified green data center in Vietnam

Taiwan-based power management solutions company Delta... Read More

OLL and NEC to build MIST cable across Singapore, Malaysia, Thailand and India

Orient Link (OLL) and NEC Corporation have signed an... Read More

Open Source Hardware to drive Reinvention of an efficient Data Center

Data centers have been springing up at an accelerated rate... Read More

W.Media is global B2B Tech
Marketing Agency that specializes in
PR, Digital Media Marketing and Events Coordination

  • facebook
  • linkedin
Quick Links
  • Company
  • Contact Us
  • Privacy Policy
  • Terms & Conditions
Offerings
  • Tech News
  • Digital Events
  • Conventions
  • Digital Week

Copyright © 2020 W.Media | All Rights Reserved

Receive the latest news.

We'll keep you in the loop.

Great! now press