Vietnamese hackers targeted Chinese state organisations for coronavirus information, say researchers

US cybersecurity firm FireEye said hacking group APT32 tried to compromise Ministry of Emergency Management and Wuhan government emails

FireEye believes the group operates on behalf of Vietnam’s government and was searching for information about Covid-19 and attempts to combat it

Reading Time:2 minutes

The sun sets behind the Wuhan Yangtze River Bridge. The Wuhan government and China’s Ministry of Emergency Management were targeted by Vietnamese hackers, a US cybersecurity firm says. Photo: AP

Published: 9:22pm, 22 Apr 2020Updated: 7:59am, 23 Apr 2020

Hackers working in support of the Vietnamese government have attempted to break into Chinese state organisations at the centre of Beijing’s effort to contain the coronavirus outbreak, US cybersecurity firm FireEye said on Wednesday.

FireEye said a hacking group known as APT32 had tried to compromise the personal and professional email accounts of staff at China’s Ministry of Emergency Management and the government of Wuhan, the Chinese city at the centre of the global coronavirus pandemic.

Investigators at FireEye and other cybersecurity firms said they believe APT32 operates on behalf of the Vietnamese government. The group’s recent activity mirrors attempts by a host of state-backed hackers to compromise governments, businesses and health agencies in search of information about the new disease and attempts to combat it.

A family sit on the banks of the Yangtze River in Wuhan in central China's Hubei province, which was the epicentre of the coronavirus outbreak. Photo: AP

“These attacks speak to the virus being an intelligence priority – everyone is throwing everything they’ve got at it, and APT32 is what Vietnam has,” said Ben Read, senior manager for analysis at FireEye’s Mandiant threat intelligence unit.

The Vietnamese government did not respond to a request for comment. Messages sent to email addresses used by the hackers went unanswered.

The Cyberspace Administration of China (CAC), the Chinese Ministry of Emergency Management and the Wuhan city government did not immediately respond to faxed requests for comment.