Vietnam-tied hackers target auto industry firms, FireEye says


HANOI • Vietnamese “statealigned” hackers are targeting foreign automotive companies in attacks that appear to support the country’s vehicle manufacturing goals, according to cyber security provider FireEye Inc.

FireEye, which designated the group as APT32 and dates its activities to 2014, said the attacks accelerated in early February.

The hacking targeted companies in South-East Asia and “the broader areas surrounding Vietnam”, said Nick Carr, a FireEye senior manager.

“Beginning in February, we see this large uptick based on our product and services visibility showing us a lot of activity targeting the automotive industry,” Carr said.

“It is likely to support the Vietnamese government’s publicly stated domestic manufacturing goals for automobiles.”

Vietnam’s Ministry of Foreign Affairs didn’t immediately respond to an emailed request for comment.

After FireEye published a report detailing the Vietnamese-linked group’s activities in 2017, Ministry of Foreign Affairs spokeswoman Le Thi Thu Hang said the government doesn’t allow any form of cyber attacks against individuals or organisations.

The recent attacks don’t appear to be aimed at acquiring intellectual property; rather, they seem to be looking for corporate operational information, Carr added. “There are other ways to gain a competitive advantage,” he said.

The group has targeted security, technology infrastructure and consultancy companies and been a threat to political activists, FireEye said in its 2017 report.

While attackers from China, Iran, Russia and North Korea remain the most active cyber espionage threats tracked by FireEye, groups like APT32 represent a growing number of new countries involved in such activities, Carr said.

The attackers from Vietnam use phishing techniques — sending emails to induce recipients to reveal compromising information — and websites infected with malware, he said.

“They are very successful,” Carr said. “They are very creative.” — Bloomberg