KUALA LUMPUR – Chinese state-sponsored hackers may be targeting companies and state agencies in Malaysia as it looks to review several major projects linked to China’s Belt and Road Initiative, cyber security firm FireEye Inc. said on Wednesday (Aug 15).
Malaysian Prime Minister Mahathir Mohamad, who took power after an election win in May, will be in China on Friday seeking to renegotiate and possibly cancel billions of dollars worth of Chinese-invested projects authorized by his predecessor, Najib Razak.
FireEye said it had found indications that cyber espionage activities were increasing throughout Southeast Asia, as China-based groups and others sought to gain information on BRI projects and deals.
Malaysia’s recent political changes and its reassessment of China-backed projects put it at heightened risk of such activity, FireEye’s head of global intelligence operations, Sandra Joyce, told a media briefing.
“As Chinese investments continue to be scrutinized, that is going to be a motivator for groups … to gain more intelligence and information on the future of these projects.”
China’s foreign ministry did not immediately respond to a request for comment. China routinely denies accusations of involvement in hacking and says it is a main victim of it.
The Malaysian prime minister’s office did not immediately respond to a request for comment, while a spokesman for the foreign ministry declined to comment.
Joyce said Malaysian targets could include any company or agency involved in a $20-billion East Coast Rail Link (ECRL) project.
The 688-km project, linking Malaysia’s west coast with ports in the east, has been suspended pending discussions over pricing and graft allegations.
Mahathir’s government also halted work on two projects worth more than $2.3 billion awarded to the China Petroleum Pipeline Bureau.
Joyce said its observations on Malaysia were in keeping with developments in other countries with major BRI interests such as Belarus, which has been targeted by a Chinese group called Roaming Tiger.
FireEye said in July that a China-based group identified as TEMP.Periscope had interfered in a general election in Cambodia, breaching systems used by several Cambodian state agencies and political entities.