FireEye on TEMP.Periscope

FireEye has published a second blog on a Chinese group they call Temp.Periscope, and these little boys and girls have been busy hacking more than the US.   There is an earlier report that focuses on the attacks on US  “maritime industry, as well as engineering-focused entities, and include research institutes, academic organizations, and private firms in the United States....”.   The controlling and patching services seem to come from Hainan China, the same place Ghostnet came from.  Hainan’s activities are probably mostly from the military complexes on the island.  It is covered with them.  

The second blog looked at what the Chinese were hacking in the run-up to the elections in Cambodia.  this modus operandi is similar to what the Russians are accused of doing in the US elections and in Germany, France and Italy.  The targets are:

• National Election Commission, Ministry of the Interior, Ministry of Foreign Affairs and International Cooperation, Cambodian Senate, Ministry of Economics and Finance
• Member of Parliament representing Cambodia National Rescue Party
• Multiple Cambodians advocating human rights and democracy who have written critically of the current ruling party
• Two Cambodian diplomats serving overseas
• Multiple Cambodian media entities

There must not be too many people on social media in Cambodia because there is not much indication of a campaign to influence voters leading up to the election.  That may not be as important in countries that are not democracies.  Still, the Chinese  are still willing to pick their targets and focus on the people who count.  They are patient and don’t get caught very often.  Odd that they did this time.