By Jeremy Wagstaff
SINGAPORE (Reuters) - Hackers either working for the Vietnamese government or on their behalf have broken into the computers of multinationals operating in the country as part of an increasingly sophisticated cyber espionage campaign, cybersecurity company FireEye said.
Nick Carr, senior manager of FireEye's Mandiant Incident Response team, said in an interview the same group was also responsible for hacking into the computers of Vietnamese dissidents and journalists.
He said it was impossible to identify or locate the hackers precisely or confirm they were working for the Vietnamese government but the information they sought would be of very little use to any other party.
The attacks are unrelated to the WannaCry ransomware worm that has ravaged computers around the world since Friday.
"All the activity we have seen is of interest to the nation of Vietnam," Carr said in a phone interview ahead of Monday's publication of a FireEye report on hacking in Vietnam.
The government rejected the accusation.
"The government of Vietnam does not allow any form of cyber-attacks against organizations or individuals," said foreign ministry spokeswoman Le Thi Thu Hang. "All cyber-attacks or threats to cybersecurity, must be condemned and severely punished in accordance with regulations and laws."
Carr said FireEye had observed the group, which it called APT32, targeting foreign corporations with interests in Vietnam's manufacturing, consumer products and hospitality sectors since 2014.
In several cases, he said, the hackers sought information about the companies' operations and their adherence to local regulations, something he had rarely seen other hacker groups attempt.
Victims included a German manufacturing company about to build a factory in Vietnam, a Chinese hotel developer planning to expand its operations in the country, and the local office of a British-based global consulting firm.
He said in most cases the companies were household names. He declined to identify them, citing client confidentiality. Executives, human resources and finance staff were targeted, he said.
FIRST TIME
The report marks the first time a cybersecurity company has pointed to Vietnam as the source of state-motivated cyber-attacks. It is also the first time FireEye had assigned the label APT - standing for advanced persistent threat, a term usually reserved for state-sponsored hacker groups - to a group outside China and Russia.
Robert Trong Tran, who directs PwC (PricewaterhouseCoopers) cybersecurity services business in Vietnam, said he was not aware of any cases of European companies being hacked.