Chinese hackers have targeted Malaysian government departments involved in the search for Malaysia Airlines flight 370, a Malaysian newspaper said on Wednesday.
Malware disguised as a news report that the missing jet had been found was emailed to Malaysian officials on March 9, a day after the airliner disappeared in mid-air, The Star said, citing CyberSecurity Malaysia chief executive Amirudin Abdul Wahab.
CyberSecurity Malaysia is a government agency under the Science, Technology and Innovation Ministry.
In a statement to the South China Morning Post, a spokesman said the agency's digital forensics team provided technical assistance to targeted departments. However, the agency declined to say which departments had been targeted and how.
The Star report said affected agencies included Malaysia’s Civil Aviation Department, the National Security Council and Malaysia Airlines, which is majority owned by the Malaysian government.
Malaysian police were investigating the attack, the newspaper said. The information office of Malaysia's Ministry of Home Affairs, which overseas the Royal Malaysia Police could not be reached for comment on Wednesday.
Once the hackers gained access to the networks, the government departments registered a flood of outgoing e-mails, the report said. The outgoing e-mails included classified documents, the report said.
By the time the transmissions were blocked and the affected computers shut down, an unspecified amount of information had already been sent from Malaysian government computers to China, it said.
Such a hacking attack is not technically difficult, but requires preparation, said Dhillon Andrew Kannabhiran, founder and CEO of Kuala Lumpur-based Hack In The Box, which organises IT security conferences.
The timing of the attack, one day after the plane went missing, meant that the attackers had the PDF malware ready to use to infect the Malaysian government computers, he said.
Kannabhiran said investigators could only trace the stolen documents to where they had been sent to, but that might not provide definitive clues to who hacked into the computers.
20/08/14 Malaysian police were investigating the attack, the newspaper said. The information office of Malaysia's Ministry of Home Affairs, which overseas the Royal Malaysia Police could not be reached for comment on Wednesday.
Once the hackers gained access to the networks, the government departments registered a flood of outgoing e-mails, the report said. The outgoing e-mails included classified documents, the report said.
By the time the transmissions were blocked and the affected computers shut down, an unspecified amount of information had already been sent from Malaysian government computers to China, it said.
Such a hacking attack is not technically difficult, but requires preparation, said Dhillon Andrew Kannabhiran, founder and CEO of Kuala Lumpur-based Hack In The Box, which organises IT security conferences.
The timing of the attack, one day after the plane went missing, meant that the attackers had the PDF malware ready to use to infect the Malaysian government computers, he said.
Kannabhiran said investigators could only trace the stolen documents to where they had been sent to, but that might not provide definitive clues to who hacked into the computers.
20/08/14 Partick Boehler/South China Morning Post
To Read the News in full at Source, Click the Headline
Malware disguised as a news report that the missing jet had been found was emailed to Malaysian officials on March 9, a day after the airliner disappeared in mid-air, The Star said, citing CyberSecurity Malaysia chief executive Amirudin Abdul Wahab.
CyberSecurity Malaysia is a government agency under the Science, Technology and Innovation Ministry.
In a statement to the South China Morning Post, a spokesman said the agency's digital forensics team provided technical assistance to targeted departments. However, the agency declined to say which departments had been targeted and how.
The Star report said affected agencies included Malaysia’s Civil Aviation Department, the National Security Council and Malaysia Airlines, which is majority owned by the Malaysian government.
Malaysian police were investigating the attack, the newspaper said. The information office of Malaysia's Ministry of Home Affairs, which overseas the Royal Malaysia Police could not be reached for comment on Wednesday.
Once the hackers gained access to the networks, the government departments registered a flood of outgoing e-mails, the report said. The outgoing e-mails included classified documents, the report said.
By the time the transmissions were blocked and the affected computers shut down, an unspecified amount of information had already been sent from Malaysian government computers to China, it said.
Such a hacking attack is not technically difficult, but requires preparation, said Dhillon Andrew Kannabhiran, founder and CEO of Kuala Lumpur-based Hack In The Box, which organises IT security conferences.
The timing of the attack, one day after the plane went missing, meant that the attackers had the PDF malware ready to use to infect the Malaysian government computers, he said.
Kannabhiran said investigators could only trace the stolen documents to where they had been sent to, but that might not provide definitive clues to who hacked into the computers.
20/08/14 Malaysian police were investigating the attack, the newspaper said. The information office of Malaysia's Ministry of Home Affairs, which overseas the Royal Malaysia Police could not be reached for comment on Wednesday.
Once the hackers gained access to the networks, the government departments registered a flood of outgoing e-mails, the report said. The outgoing e-mails included classified documents, the report said.
By the time the transmissions were blocked and the affected computers shut down, an unspecified amount of information had already been sent from Malaysian government computers to China, it said.
Such a hacking attack is not technically difficult, but requires preparation, said Dhillon Andrew Kannabhiran, founder and CEO of Kuala Lumpur-based Hack In The Box, which organises IT security conferences.
The timing of the attack, one day after the plane went missing, meant that the attackers had the PDF malware ready to use to infect the Malaysian government computers, he said.
Kannabhiran said investigators could only trace the stolen documents to where they had been sent to, but that might not provide definitive clues to who hacked into the computers.
20/08/14 Partick Boehler/South China Morning Post
