Chinese government-backed hackers carried out 10-year cyber espionage campaign, claims FireEye
FireEye claims other Asian governments were the target of shift-working, collaborative state-backed hackers employed by China
State-sponsored Chinese hackers have been conducting cyber espionage against South Asian governments and corporations for at least a decade, according to researchers from security company FireEye.
It isn't the first time the Chinese government has been accused of backing cyber attacks against critical infrastructure of other nations: the US Senate has also claimed that Chinese hackers repeatedly breached the networks of US military contractors over a sustained period.
The latest accusation of state-sponsored spying by China is made in FireEye's new threat intelligence report, APT30 and the Mechanics of a Long-Running Cyber Espionage Operation. The 65-page document details how cyber-crime group APT30 ran a professional operation in order to spy on governments and corporations across Southeast Asia and India.
"The malware revealed a decade-long operation, focused on targets - government and commercial - that hold key political, economic, and military information about the region," claimed the report, co-authored by Bryce Boland, chief technology officer for Asia Pacific at FireEye.
According to the report, APT30 has been using the same tools, tactics and infrastructure since 2005, and its hackers "most likely work in shifts in a collaborative environment" to build malware designed to penetrate high-profile networks, with the ultimate aim of acquiring sensitive data.
"We have analysed over 200 malware samples and its GUI-based remote controller software, we are able to assess how the team behind APT30 works: they prioritise their targets, most likely work in shifts in a collaborative environment, and build malware from a coherent development plan," read a blog post about the research.
"Their missions focus on acquiring sensitive data from a variety of targets, which possibly include classified government networks and other networks inaccessible from a standard internet connection," the post added.
The operation was started in 2004, claimed FireEye, making it one of the longest known examples of a sustained cyber-crime campaign.
According to FireEye, the sophisticated nature of the scheme means it is almost impossible that the cyber-espionage operation isn't state sponsored. The report suggests that the targets of the cyber attacks align with Chinese government interests and focus on the Southeast Asian region.
"Such a sustained, planned development effort, coupled with the group's regional targets and mission, lead us to believe that this activity is state sponsored - most likely by the Chinese government," continued the report.
However, the Chinese government has denied any involvement in any cyber attacks and moved to condemn the actions of cyber criminals.
"I want to stress that the Chinese government resolutely bans and cracks down on any hacking acts. This position is clear and consistent. Hacking attacks are a joint problem faced by the international community and need to be dealt with cooperatively rather than via mutual censure," foreign ministry spokesman Hong Lei told Reuters.
China has previously accused the US of hacking into, and compromising, the networks of Chinese companies, including telecoms equipment maker Huawei.
At the same time, though, disclosures via reports leaked by US National Security Agency (NSA) whistleblower Edward Snowden indicate that the US and UK secret services have also been engaged in similarly sophisticated cyber-espionage operations against national governments.