Projects linked to China's Belt and Road at cybersecurity risk, says firm


Low Han Shaun

FireEye vice-president and global intelligence operations head Sandra Joyce (left) and its Asia-Pacific president, Eric Hoh, at a press conference in Kuala Lumpur today. – The Malaysian Insight pic, August 15, 2018.

MALAYSIAN companies linked to China’s Belt and Road initiative are at higher risk of a cyber intrusion, said a US-based cybersecurity firm.

FireEye vice-president and head of its global intelligence operations Sandra Joyce said China-based groups will seek to gain an advantage by collecting business intelligence on projects and agreements.

“As Chinese investments continue to be scrutinised in Malaysia, we assessed that this would be the motivator for groups like TEMP.Periscope to gain more information about the future of initiatives representing national interests,” Joyce said at a press conference in Kuala Lumpur today.

The Belt and Road initiative is a comprehensive strategic partnership initiated by China to strengthen its influence through business and military cooperation.

Key projects in Malaysia linked to the initiative include the Malaysia-China Kuantan Industrial Park (KIP), Xiamen University Malaysia, Malacca Gateway and East Coast Railway Link (ECRL).

Prime Minister Dr Mahathir Mohamad will start a five-day visit to China this Friday to discuss the ECRL, petroleum pipeline projects along the west coast of Peninsular Malaysia and a gas pipeline project in Sabah.

With trillions of dollars invested in the Belt and Road initiative, Joyce said these China-based cyberthreat groups were likely to target such projects in a bid to accumulate information, as had happened in Cambodia.

Joyce said Cambodia had many projects linked to the initiative.

“Leading up to the Cambodian elections, we saw a group, TEMP.Periscope, believed to be Chinese sponsored, actually compromising many ministries and government organisations in the country, as well as individuals,” she said.

Joyce said FireEye had found evidence linking such intrusions to China-based groups: similar malware, keyboard settings, infrastructure and IP address.

“We made assessments based on confidence levels, one being that the open index servers had malware used by Chinese-based groups. We saw an IP address in China and keyboard settings set to the Chinese language. The infrastructure used in these activities was the same as that employed by Chinese groups in the past.

“We believe China was interested in (Cambodia’s) election because of the massive investments it has put into the Belt and Road initiative,” she said, adding that other countries, such as Russia, had also been attacked by another China-based group.

She, however, did not elaborate on whether the Chinese government had sponsored these groups. – August 15, 2018.
 

