In May 2022, Joe Biden was on a charm offensive. The US president invited the leaders of 10 Southeast Asian nations to the White House for the first time for talks about the region, which is home to more than 600 million people. High on the agenda was China—a key trading partner for all the countries, but also a potential threat to their stability. Biden promised $150 million in extra support for the nations to help improve their security, infrastructure, and ongoing pandemic response.
However, in the weeks leading up to the meeting, according to a cybersecurity alert seen by WIRED, hackers working on behalf of China were stealing thousands of emails and sensitive details from the Southeast Asian nations. The cyberespionage, which has not been previously reported, is the latest in a string of incidents where Chinese-linked hackers have quietly compromised neighboring countries, looking to gain political and economic information.
According to the cybersecurity alert, Chinese-linked hackers were able to break into mail servers operated by the Association of Southeast Asian Nations (ASEAN) in February 2022 and steal a trove of data. The ASEAN organization is an intergovernmental body made up of 10 Southeast Asian countries, including Singapore, Malaysia, and Thailand. This was the third time the organization has been compromised since 2019, the document says.
The hackers were able to steal “gigabytes” of emails sent by ASEAN countries, and the data was stolen “daily,” according to the cybersecurity alert. It’s believed that the attackers stole more than 10,000 emails, making up more than 30 GB of data. The incident “impacts all ASEAN members due to correspondence that was compromised,” the alert says. The notification was sent to cybersecurity agencies, foreign affairs ministries, and other governmental organizations in all 10 of the ASEAN member countries.
Haji Amirudin Abdul Wahab, the CEO of CyberSecurity Malaysia, an agency under the country’s Ministry of Science, Technology, and Innovation, says it received the alert in 2022, notified officials within the country, and generally condemns hacking. Other nations impacted declined to comment or did not respond to WIRED’s request for comment. The ASEAN group itself did not respond to repeated requests for comment.
China’s embassy in the US did not immediately respond to a request for comment.
Amplified Voices, Quiet Theft
“ASEAN is really important as the key regional grouping, not just in Southeast Asia but beyond,” says Susannah Patton, director of the Southeast Asia Program at Australian think tank the Lowy Institute. Patton explains that ASEAN helps coordinate Southeast Asian policies across a number of different areas. “Even beyond Southeast Asia, ASEAN has an important role because it convenes or organizes other big regional summits,” Patton says. As a result, the data it holds could be useful for understanding political feelings in the region.
ASEAN helps to “amplify” the voices of the 10 member countries that are involved in it, says Scot Marciel, an Oksenberg-Rohlen Fellow at Stanford University and former US ambassador to Indonesia and Myanmar. The group holds both formal meetings and informal conversations, Marciel says, and will discuss everything from economic integration and infrastructure plans to trade negotiations and geopolitics. “That would all be stuff that I would think Beijing would be interested in,” Marciel says.