KUALA LUMPUR: Malaysia could be the target of China-based cybercriminals as Mahathir Mohamad's administration seeks to renegotiate Belt and Road projects signed by the previous regime.
The warning by FireEye, a global cybersecurity company, comes just days before Malaysian Prime Minister Mahathir heads to China for an official visit this Friday (Aug 17).
“Malaysia’s new government has called for renegotiation of the terms of some Belt and Road projects, which is likely to generate some uncertainty in parties interested in the outcome of these projects and other regional developments,” Sandra Joyce, FireEye’s vice president and head of global intelligence operations, said on Wednesday (Aug 15).
“We expect espionage activity against Malaysian organisations to increase in an attempt to gain insight into current events ... to gain information about the future of the initiatives that represent major investments.”
Mahathir has vowed to renegotiate multi-billion-ringgit Beijing-backed projects signed with the previous government, saying the contracts’ terms are unfair and costly.
These include the US$20 billion East Coast Rail Link (ECRL), as well as two gas pipeline projects.
The ECRL, which links Malaysia’s west coast with ports in the east, is of major interest to hackers, according to Joyce.
“... it connects to the Straits of Melaka, which is where a quarter of the wealth in the region is transported,” she pointed out.
Asked whether these China-based hackers are state-sanctioned, Joyce said “yes”, but did not elaborate further.
FireEye believes that China-based hackers have deployed systematic cyber espionage against Southeast Asian countries that are involved in the Belt and Road Initiative, and such activities are increasing.
“This includes both Chinese cyber espionage activity targeting countries in the region, and other nation-state cyber operations targeting Chinese organisations,” said Joyce.
She said there are “a variety of actors” who would seek to gain information and collect business intelligence on individual projects and agreements.
FireEye said targeted sectors include regional governments, academia and think tanks, transportation, construction, manufacturing, energy, mining and finance.
The company said a Chinese cyber espionage group called TEMP.Periscope has targeted entities in the maritime transportation sector in Hong Kong, Europe and the United States.
“While such targeting may be tied to continued tensions around the South China Sea or standing intelligence collection requirements related to naval targets, this is possibly due in part to the expanding investment in maritime transportation infrastructure,” FireEye said.