Chinese Hackers Infiltrated European Ministries’ Computers Before G-20 Summit: Report

Chinese hackers infiltrated computers of five European foreign ministries ahead of September’s G-20 summit in St. Petersburg, Russia, where discussions were dominated by the Syrian crisis, according to a California-based computer security firm, FireEye Inc (NASDAQ:FEYE).

Hackers unleashed malware on the ministries’ computers before the summit through emails to staff containing attachments with names such as “US_military_options_in_Syria” aimed at stealing data from the infected computers, FireEye said in a research report, according to Reuters.

“The theme of the attacks was U.S. military intervention in Syria,” FireEye researcher Nart Villeneuve, one of six researchers who prepared the report, said, according to a Reuters report. “That seems to indicate something more than intellectual property theft...The intent was to target those involved with the G20.”

FireEye said its researchers initially managed to monitor the main computer server used by the hackers for the cyberattack, but the firm lost its access to the hackers after they moved to another server shortly before the summit began, Reuters reported.

The company declined to name the nations who were targeted in the attack, except to say that they were members of the European Union, but added that it alerted the victims through the FBI.

Villeneuve said the researchers found that the attack originated in China, based on technical proof, but added that there is no evidence linking the hackers to the Chinese government.

“All we have is technical data. There is no way to determine that from technical data,” Villeneuve told Reuters.

Numerous hackers operating in China are routinely monitored by Western cybersecurity firms, not only for national security reasons, but also to prevent theft of intellectual property for commercial gain.

China, however, maintains that it too has been a victim of cyberattacks and spying by the U.S., and such claims were supported by documents leaked by Edward Snowden.

In November, Canadian media reported that the Canadian government allowed the U.S. National Security Agency, or NSA, to spy on delegates during the G-20 summit in Toronto in 2010, citing documents leaked by Snowden.

In June, The Guardian reported that Britain's Government Communications Headquarters, or GCHQ, spied on foreign delegates who attended two G-20 summits in London in 2009.

The British agency did so by hacking into delegates’ computers and intercepting their phone calls and by installing bugs in Internet cafes, according to the report, which was based on documents leaked by Edward Snowden from an internal intelligence-sharing network used by GCHQ and the NSA.