Chinese hackers targeted the computers of high-ranking officials from the Malaysian government and Malaysia Airlines and stole classified information during the early stages of the investigation into missing flight MH 370. According to Malaysia’s Star newspaper, which broke the story, the breach occurred on March 9, a day after the plane disappeared during its flight from Kuala Lumpur to Beijing.
The stolen data allegedly was sent to a computer in China, according to an unnamed source cited by the Star. The officials who were targeted reportedly were from the country’s Department of Civil Aviation, the National Security Council, and Malaysia Airlines. The country’s cyber security agency recognized the breach hours later, when it then blocked all transmissions and shut down the compromised machines.
The security agency, CyberSecurity Malaysia, revealed that the hackers had used sophisticated malware disguised as a news article that said the plane had been found. The article, attached to an email that was sent to the targeted officials, looked like a valid PDF document but released the malware when the user clicked on it, a tactic commonly known as spear phishing.
The confidential data contained in the computers that were hacked reportedly included the minutes of crisis meetings and classified documents shared between the government and airline officials in the hours after MH370 vanished. CyberSecurity Malaysia chief executive Amirudin Abdul Wahab told the Star he did not know why the attacks had taken place but speculated it was related to perceptions that the government was moving too slowly in releasing information about the investigation to the public.
Australia still is leading the search for the missing place. Australian prime minister Tony Abbott said today that a new underwater hunt had a “reasonable chance” of finding the aircraft.