Tensions rise in Hong Kong before parliamentary elections

Sep 2, 2016 15:40 GMT

Hackers linked to a cyber-espionage group called APT3 have attacked two Hong Kong government departments in an attempt to gather more information about the upcoming legislative elections that are to be held this Sunday, on September 4.

US-based cyber-security firm FireEye detected the attacks. FireEye is also the company that discovered the existence of this group back in 2014 and linked its operations to the Chinese mainland going back as early as 2011.

FireEye and Hong Kong officials have declined to name which government departments were targeted but said the attack took place in August.

APT3 used spear-phishing emails to lure victims to malware-laden sites

The US security firm explains that APT3 hackers used spear-phishing emails that claimed to hold information about a report on election results. The email contained a link leading users to a site hosting malware.

This modus operandi is similar to the techniques used in Operation Clandestine Fox and Operation Clandestine Wolf, two of APT3's main campaigns, in which the group lured victims to a website hosting what was, at that time, a Flash zero-day.

China has been actively hacking governments in Southeast Asia

The timing of the attacks is not a coincidence. China has put a lot of political pressure on the local Hong Kong government to disqualify six candidates who advocated for the island's independence.

Eventually, the Electoral Affairs Commission (EAC) banned six candidates from running for the Legislative Council of Hong Kong (LegCo) because of their views.

"Typically when we see government attacks on other governments, it's about intelligence gathering and trying to gain access to information they can't get via other means," Bryce Boland, FireEye CTO for the Asia-Pacific region, told Agence France-Presse.

China has been very active in the South China Sea region lately, trying to protect its political interests. There are countless reports from various security vendors of Chinese-linked cyber-espionage groups targeting the governments of nearby countries.