bodyType

customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

hooksAmpRedirectArticle

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

paywallTypes

createdDate

publishedDate

urlAlias

moreOnThisArticles

sponsorType

commentCount

authorLocations

authors

corrections

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

articleSpeeches

socialHeadline

headline

images

flag

firstTopic

glossary

flattenTypeIds

image

relatedLinks

relatedNewsletters

__typename

sponsor

pdfFiles

seriesReverseOrder

series

disableOffPlatformContent

published

updatedDate

summary

subHeadline

body

keywords

readingTime

customTimezone

liveContents

James Griffiths

Chinese hackers are believed to have targeted Tibetan exile groups in India that Beijing views as a threat for at least four years, despite China denying any official involvement in hacking.
One advanced team has been zeroing in on organisations there to steal information related to border disputes and Tibetan exile groups, according to cybersecurity firm FireEye.
Hacks were detected in the run-up to the first state visit to China by Indian Prime Minister Narendra Modi in April, and the group is likely still conducting attacks, FireEye said.
"Over the past four years, this threat group has [targeted] over 100 victims, approximately 70 per cent of which were in India," it said in a statement. 
It “also targeted Tibetan activists and others in Southeast Asia, with a focus on governmental, diplomatic, scientific and educational organisations." 

Beijing has viewed Tibetan groups in India with suspicion ever since the Dalai Lama fled China in 1959 to establish the Central Tibetan Administration, more commonly known as the Tibetan government-in-exile, in Dharamsala.
Unrest in China's Tibetan autonomous region in the run-up to the 2008 Beijing Olympics led to a crackdown by Chinese authorities and protests by Tibetan groups in India, Europe and North America. A spate of self-immolations in the Himalayan province in 2012 spurred another security crackdown.
China has previously been accused of spying on Tibetan organisations overseas in an apparent attempt to stave off future unrest at home.
In April, FireEye reported that a separate Chinese hacking team, APT30, had been spying on governments and businesses in Southeast Asia and India uninterrupted for a decade, echoing claims made by researchers at US firm McAfee in 2011. 

China has always denied involvement in such operations. 
"The Chinese government firmly opposes hacking attacks; this position is consistent and clear," foreign ministry spokesman Hong Lei said after the April report. 
China has long been accused of spying on Tibetan groups in India, including the Tibet government-in-exile and the Dalai Lama. 
In 2009, researchers at the Information Warfare Monitor, a Canadian NGO, accused Chinese hacking groups of breaking into computers at Tibetan government-in-exile organisations in London, New York and Dharamsala. 
"Malware attacks against ethnic minority groups in China including Tibetans and Uygurs, and religious groups such as Falun Gong, go back to at least 2002, and possibly earlier," according to the University of Toronto's Citizen Lab, which monitors cybersecurity issues. 

Uygurs are a Turkic-speaking ethnic group in the far western Chinese province of Xinjiang. Some complain of discrimination in favour of Han Chinese. Others have been accused of “terrorist” activity by Beijing, including one incident in 2013 when a jeep loaded with knives and sticks crashed in Tiananmen Square, killing five people.
While pinpointing the culprits for any given hack attack can be very difficult, FireEye experts told the Post that, at least in terms of the latest campaign, all signs pointed to China. 
They said the attackers were "well-resourced, with long-term objectives", and conducted operations around the clock, indicating high levels of discipline and funding. The malware used also pointed to China.
"Collecting intelligence on India remains a key strategic goal for China-based APT groups,” said Bryce Boland, FireEye chief technology officer for Asia-Pacific.
“These attacks on India and its neighbouring countries reflect growing interest in [India’s] foreign affairs.”


UK sanctions Russian and Chinese firms, warns of cyber threats and hybrid warfare

Can Singapore’s cyber laws keep pace with speed of borderless online threats?

Federal communications agency may bar Chinese telecoms firms from US networks

‘Follow me’: UK’s Starmer launches TikTok account despite security ban

Cybersecurity

Chinese hackers spying on Tibetan groups in India for years, experts say

Exiled Tibetan spiritual leader the Dalai Lama was welcomed by India in 1959 but is still perceived as a threat by Beijing. Photo: EPA

An ethnic group dances in southwest China's Tibet Autonomous Region in March. Photo: Xinhua

Chinese military personnel guard a street in the Tibetan capital of Lhasa in 2012 as China stepped up security in the province after a series of self-immolations by protesters. Photo: AP

Flames shoot from a jeep after it crashed into the barrier of a bridge at Tiananmen Square in Beijing in 2013, killing three people inside the vehicle and two tourists. China billed it a terrorist attack by ethnic Uygurs. Photo: SCMP Pictures

Tech

News

Asia

South Asia

Cybersecurity firm says hackers on the mainland have targeted Tibetan exile groups for at least four years, claim long denied by Beijing
