Vietnam-tied hackers said to target auto industry

HANOI Vietnamese “state-aligned” hackers are targeting foreign automotive companies in attacks that appear to support the country’s vehicle manufacturing goals, according to cybersecurity provider FireEye.

FireEye said the attacks accelerated in early February. The hacking targeted companies in Southeast Asia and “the broader areas surrounding Vietnam,” said Nick Carr, a FireEye senior manager.

“Beginning in February, we see this large uptick based on our product and services visibility showing us a lot of activity targeting the automotive industry,” Carr said. “It is likely to support the Vietnamese government’s publicly stated domestic manufacturing goals for automobiles.”

Vietnam’s Ministry of Foreign Affairs did not immediately respond to an emailed request for comment. After FireEye published a report detailing the

Vietnamese-linked group’s activities in 2017, Ministry of Foreign Affairs spokeswoman Le Thi Thu Hang said the government does not allow any form of cyberattacks against individuals or organizations.

The recent attacks do not appear to be aimed at acquiring intellectual property; rather, they seem to be looking for corporate operational information, Carr said. “There are other ways to gain a competitive advantage,” he said.

FireEye designates the group as APT32 and dates its activities to 2014. The group has targeted security, technology infrastructure and consultancy companies and been a threat to political activists, FireEye said in its 2017 report.

While attackers from China, Iran, Russia, and North Korea remain the most active cyber espionage threats tracked by FireEye, groups like APT32 represent a growing number of new countries involved in such activities, Carr said.

The attackers from Vietnam use phishing techniques  sending emails to induce recipients to reveal compromising information and websites infected with malware, he said.

“They are very successful,” Carr said. “They are very creative.”