China’s Belt and Road Initiative could trigger increase in cyberespionage activity, researchers warn

• Malaysian government and private organizations are advised to take steps to protect themselves from potential cyberthreats.
• Experts suspect that cyberespionage actors may use BRI announcements as phishing lures.

Security researchers at FireEye are warning Malaysian organizations to be on alert for surge in cyberespionage activity. Experts believe that recent political developments related to China’s $1 trillion Belt and Road Initiative (BRI) could cause a rise in cyberespionage activity.

The BRI is China’s new ambitious endeavor to build maritime and land trade routes that connect Asia, Africa and Europe. Security experts estimate that the BRI will likely spark additional cyberespionage activity targeting regional governments located along the trade route. Experts also believe that this may result in the emergence of new state-backed APTs.

“Malaysia's new government has called for renegotiation of the terms of some Belt & Road projects, which is likely to generate some uncertainty in parties interested in the outcome of these projects and other regional developments,” Sandra Joyce, vice president and head of global intelligence operations at FireEye said in a release prepared for the customers, SC Magazine reported. “We expect espionage activity against Malaysian organizations will increase in an attempt to gain insight into current events.”

FireEye is warning private and government organizations in Malaysia to take steps to protect themselves against potential cyberthreats. Cybercriminals may also use BRI announcements as lures in phishing campaigns and other attacks.

Researchers have observed increased activity from the Roaming Tiger threat group, which primarily targeted former Soviet Union, including Belarus.

In addition, researchers have also observed TOYSNAKE malware targeting European organizations, BANECHANT malware targeting the Maldives, LITRECOLA malware targeting Cambodia, SAFERSING malware targeting international NGOs and TEMP.Periscope targeting the maritime industry.