SINGAPORE (Aug 15): With Malaysia’s new government calling for the renegotiation of certain Belt & Road Initiative (BRI) project terms, security company FireEye is expecting heightened espionage activity against Malaysian organisations.

It was last reported in July that Malaysia had already suspended the construction of its major Belt and Road rail project while it seeks to renegotiate the terms of its US$14 billion rail deal with Chinese partners.

Based on the findings of FireEye’s application-based cyber threat intelligence platform, iSIGHT Intelligence, BRI is expected to be a driver of regional cyber threat activity and potentially involve cyber espionage related to the initiative, including the emergence of new groups and nation-state actors.

FireEye also believes China-based threat groups have deployed systemic cyber espionage operations against close allies in Southeast Asia, such as the recently reported compromise of the Cambodian political system by China-nexus TEMP.Periscope.

The company’s sentiment is further compounded by the latest findings of its subsidiary Mandiant’s M-Trends 2018 report, which showed that Asia Pacific companies took almost five times as long as the global median time to detect cyber-attacks, with those which have been victims of a targeted compromise being twice as likely to be targeted again.

Sectors which FireEye expects to be targeted include regional governments, academia and think tanks, transportation, construction, manufacturing, energy, mining and finance.

Sandra Joyce, vice president and head of global intelligence operations at FireEye, believes Malaysia’s renegotiation of its BRI-related projects is likely to generate some uncertainty in parties interested in the outcome of these projects as well as other regional developments.

“We expect espionage activity against Malaysian organisations will increase in an attempt to gain insight into current events,” comments Joyce.

“It’s imperative for Malaysian organisations across the public and private sectors to take steps to strategically manage their risk, by understanding who’s likely to target them, why, how, and ensure they are able to quickly detect and respond to these attacks,” she adds.