Skip to the content
W.Media
  • Home
  • Company
  • Conventions
  • Digital Events
  • Contact Us
  • Home
  • Company
  • Conventions
  • Digital Events
  • Contact Us
  • Tech News
  • Digital Week
  • Tech News
  • Digital Week
search
×

Check Point uncovers cyber espionage operation targeting governments in Asia Pacific

Published 13 May 2020

0 comments

Stuart
W.media | editor
Share on Facebook Share
Share on TwitterTweet
Share on LinkedIn Share

Cybersecurity specialists at Check Point have uncovered an ongoing cyber espionage operation targeting several government bodies in Asia Pacific.

The Advanced Persistent Threat group known as Naikon used a new backdoor attack named Aria-body. This allowed hackers, who are believed to be based in China, to bypass security measures and gain remote access to a victims’ network.

The APT group targeted Southeast Asian government ministries in Indonesia, the Philippines, Vietnam and Thailand to spy on them, gain sensitive geo-political information and exploit diplomatic relations between departments.

The Manager of Threat Intelligence at Check Point, Lotem Finkelstein, said: “Naikon attempted to attack one of our customers by impersonating a foreign government.”

Check Point’s investigation of the cyber espionage operation began when they found a malicious email was sent from a government diplomat, thought to be from the Indonesian embassy in Canberra, to the government of Western Australia. 

When this email was opened, the victim’s device downloads Aria-body from servers used by Naikon.

Naikon was able to evade detection by impersonating government officials in emails using victims’ servers as command and control centers to launch new attacks. Researchers found one server belonged to the Philippines’ Department of Science and Technology.

Naikon was thought to have gone silent since ThreatConnect and Defense Group exposed them in 2015, until Check Point discovered they have been active for the past five years and even accelerated their activities this year.

In the past, Naikon was known as one of the most active APTs in Asia, attacking attacking civil and military organisations around the South China Sea.

Mr Finkelstein said: “We’ve published this research as a warning and resource for any government entity to better spot Naikon’s or other hacker group’s activities.”

This warning is particularly pertinent for governments to heed. Thailand recently approved funding for a Government Data Center and Cloud service, which must have strong cybersecurity protocols to avoid vulnerabilities that could be exploited by hackers.

To remain secure, government’s should advise staff to check emails carefully, manage user privileges, monitor and analyse logs, and make sure you’re only downloading files from trusted sites.

Receive the latest news.

We'll keep you in the loop.

Great! now press

Featured Articles


Digital Realty launches third Singapore-based data center


DreamMark1: Shaping Korea’s tech dreams


Back To Tech News

More Articles

Ho Chi Minh City sets up cybercrime division

Ho Chi Minh, Vietnam’s largest city, has just announced... Read More

Equinix and partners drive $3 billion in DC projects globally

Nasdaq-listed Equinix today provided detailed roadmap of... Read More

South Australian government chooses Atos as cloud provider

The government of South Australia has selected German cloud... Read More

E2E Networks Joins Hands With K-Tech Center of Excellence for Data Science & AI

E2E Networks Joins Hands With K-Tech Center of Excellence for Data Science & AI

National Stock Exchange-listed cloud provider E2E Networks... Read More

Logo

W.Media is Global B2B Tech Marketing
Company & Community Hub,

We Specialize in PR, Digital Media Marketing and Events Coordination
for the Cloud/IT, Datacenter, & Digital Transformation Industries.

  • facebook
  • linkedin
Quick Links
  • Company
  • Contact Us
  • Privacy Policy
  • Terms & Conditions
Offerings
  • Tech News
  • Digital Events
  • Conventions
  • Digital Week

Copyright © 2020 W.Media | All Rights Reserved

Receive the latest news.

We'll keep you in the loop.

Great! now press