top of page

Security Brief: PACOM Week of July 19, 2021

Week of Monday, July 19, 2021 | Issue 23

Muhammad Md Rosli, PACOM Team

Cyber Attacks On a Global Scale[1]

Date: July 19, 2021

Location: Phnom Penh, Cambodia

Parties involved: China State Security; Foreign Ministry of Cambodia; United States Department of Justice (DoJ)

The event: A Chinese company from Hainan has targeted the Cambodian Foreign Ministry as part of the company’s state-sponsored cyber hack. The stolen data involves the discussions between the Chinese and Cambodian governments regarding the use of the Mekong River in Phnom Penh, Cambodia. The data also includes trade secrets and hydroacoustic data, which are gathered from monitoring underwater conditions. However, the Chinese government has denied any allegations of cyber hacking from the United States’s DOJ, and the Chinese embassy in Cambodia did not respond to any requests for comment.

The implications:

  • China’s readiness to facilitate the Lancang-Mekong Cooperation (LMC) for its economic prosperity and geopolitical influence indicates how the Mekong River is crucial to China’s Belt and Road Initiative (BRI) foreign policy objectives. The LMC was established in 2016 to give China full control over hydropower operations from the Lancang River to the Mekong River for economic growth. The United States views the Chinese influence as a threat to regional security that is likely to impact its strategic interest in the South China Sea. Additionally, in 2019, Cambodia razed the United States-built Ream Naval Base to access to Chinese-backed facilities to host Chinese maritime assets. The Chinese naval assets possess a high degree of capability to conduct maritime operations within the Nine-Dash Line with a relatively lower operational cost and quicker reaction time through the Gulf of Thailand.

  • Cambodia relies heavily on Chinese economic support. Seventy percent of major infrastructure projects, such as roads and bridges, were funded by China through loans and financing in 2017.[2] Hence, Cambodia’s overreliance on China's economic aid and influence is less likely to be affected by the cyber espionage situation. The ruling Cambodian People’s Party (CPP) needs the support of international political power. Therefore, China is the likely supporter amid growing criticism of the CCP. The hack may also have shown that China can exert its influence over Cambodia, which could act as a deterrent should Cambodia plan to relinquish its goodwill towards the United States.

  • The Mekong River is largely known for its cross-boundary river waters between China, Cambodia, Vietnam, Myanmar, Laos, and Thailand. China is highly likely to be trying to influence these countries by controlling the river operations. It is highly likely that the stolen data helped China tighten the control over the Mekong River from the United States sphere of influence. Data on water levels and hydrological formation may benefit China by reducing the technical cost of the hydropower project under the LMC. This act of cyber espionage was likely executed to prevent the likelihood of success of the United States-Mekong Partnership, which aims to have a stable, sustainable, and secure Mekong River. The data obtained by Chinese hackers were possibly a backup strategy should the LMC fail to be executed.

Date: July 20, 2021

Location: Washington DC, United States

Parties involved: China Foreign Ministry; United States Department of Justice (DoJ)

The event: The DoJ has charged four Chinese nationals with cyber espionage, to which Beijing has responded by calling them “baseless accusations” and has referred to the action as irresponsible. However, the accusation is not novel, as Microsoft Exchange servers were hacked earlier this year, an act that was backed by hackers affiliated with China's Ministry of State Security. Furthermore, the cyber hack that hit Cambodia one day earlier possibly stemmed from a similar approach from China to gather information on the Mekong River hydrological data.

The implications:

  • China’s capabilities to conduct cyber espionage through a non-official front are highly likely to create severe information theft of trade secrets from important industries globally. Important countries participating in its BRI are likely expected to be at risk from cyber espionage, threatening their national security and economic activity. Additionally, China is risking its multilateral and bilateral efforts by undermining its cyber espionage operations.

  • The United States and its allies are likely aware of China’s global cyber hacking campaign. However, without concentrated efforts to thwart China’s cyber operations, it is likely that countries under the sphere of China’s influence, such as Cambodia, Vietnam, Thailand, Singapore, and Malaysia, may need to depend on their cyber defense capabilities and commit to stronger regional security efforts through ASEAN or APEC. For instance, the ASEAN Defence Ministers Meeting (ADMM) could strengthen the cyber cooperation needed to buffer against China. The ASEAN-Singapore Cybersecurity Center of Excellence is highly likely to be the important arrangement in creating an ASEAN Cyber Defense Network to link cyber defense operation centers of ASEAN member states, which has the potential to deter Chinese cyber espionage operations in the region through joint protection of critical information infrastructure and mutual help in cybersecurity.


[2] China Funded 70% of Cambodian Roads, Bridges: Minister, Cambodia Daily, July 2017



bottom of page