A state-sponsored hacking group believed to be aligned with the People’s Republic of China has been accused of targeting two Hong Kong government agencies in a “politically motivated” attack just prior to the legislative elections which took place on 4 September.
The hacking group, which has been dubbed APT3 (Advanced Persistent Threat) by cybersecurity researchers, allegedly launched a series of spear phishing attacks in early August, cybersecurity experts from US firm FireEye told Bloomberg.
The attacks by APT3 were almost certainly politically motivated and consisted of emails that were hosting malicious links and attachments, according to John Watters, president of iSight Partners, a division of FireEye that was acquired last year for $200m.
These emails were reportedly spoofed to look like they included reports on the Hong Kong election results and featured a hyperlink that led to a compromised website that contained the malware, Watters said. If clicked, it could give the hackers full access to a targets’ computer.
“What it appears to be is an opportunity to gain information without having the transparency of having to make a request,” the FireEye expert told Bloomberg. “If you want to know what someone’s thinking, would you rather read their diary or hear their prepared remarks?”
The names of the exact agencies that were targeted were not disclosed, however the Hong Kong government office for information confirmed the attempted hacks had taken place. “Relevant security measures had already been put in place to block the suspicious e-mails,” it said in a short statement. “So far, there is no security incident report from the two concerned departments.”
While Watters declined to attribute the attacks directly to the Chinese government, another FireEye expert noted that APT3, specifically linked with the Hong Kong incident, is highly suspected of being “sponsored by the People’s Republic of China.”
Bryce Boland, the firm’s Asia Pacific chief technology officer (CTO) told AFP: “Typically when we see government attacks on other governments, it’s about intelligence gathering and trying to gain access to information they can’t get via other means.
“[There is] a lot of discussion, a lot of uncertainty about the political future in Hong Kong,” he continued. “I imagine [China] is trying to get a clearer picture of what’s going on inside some of these government departments.” He added that cyberattacks of this nature have spiked since the mass pro-democracy ‘umbrella protests’ two years ago.
The influence of Beijing on the Hong Kong political system was a key campaigning factor of the 2016 elections in which voters were able to vote for the city’s 70-seat legislative council. As reported by The Guardian, 23-year-old Nathan Law, who was a leader of the 2014 ‘umbrella movement’, was elected.
Furthermore, the issue of independence was reportedly a major reason for a high voter turnout of 2.2 million people. On Monday, as the dust settled on the results, Electoral Affairs Commission chairman, Barnabus Fung, noted: “There was a record-breaking amount of people casting their ballots this year.”