The day after Malaysia Airlines Flight MH370 vanished, computer hackers apparently based in China launched a highly sophisticated attack on 30 Malaysian government computers and stole top secret information related to the plane’s disappearance, the Malaysian newspaper Daily Star revealed on Wednesday.
The complex and devious attack involved sending a bogus email to government officials in Malaysia who used the targeted computers. The emails masqueraded as a news report stating — falsely, of course — that the missing Malaysia Airlines flight had been found.
The email came with what appeared to be a PDF attachment, purporting to be the whole supposed news story about Flight MH370. But in fact, when any official who received the email clicked on the attachment, it secretly launched a malicious software program — a type of software known as “malware” — that infiltrated the computer’s files, automatically transmitting each file to the hacker who sent the original email.
Investigators found that the stolen information was secretly sent to a computer with an IP address in China. An IP address is a sequence of numbers that represents a computer’s location on the internet.
Computers at Malaysia’s Department of Civil Aviation and National Security Council were on the receiving end of the dangerous emails. Malaysia Airlines itself was also targeted by the hackers.
“We received reports from the administrators of the agencies telling us that their network was congested with email going out of their servers,” Dr. Amirudin Abdul Wahab, head of CyberSecurity Malaysia, told the Star newspaper. “Those emails contained confidential data from the officials’ computers, including the minutes of meetings and classified documents. Some of these were related to the MH370 investigation.”
Cybersecurity Malaysia is affiliated with the country’s Ministry of Science.
“This was well-crafted malware that anti-virus programs couldn’t detect,” Abdul Whab said. “It was a very sophisticated attack.”
However, beyond revealing that the stolen information and documents ended up on a Chinese computer, the cybersecurity chief would not reveal any further details of the hacking incident.
The cyber attack came at the very beginning of the investigation into the missing Malaysia Airlines Flight MH370, when the Malaysian government was hit with a barrage of criticism claiming that it was withholding vital information about the flight. With 152 Chinese nationals on board the flight, which was supposed to be a routine jaunt between Kuala Lumpur and Beijing, China has been especially critical of the Malaysian response to the plane’s disappearance.
Malaysia Airlines Flight MH370 vanished without a trace on March 8. Despite a massive, multinational search effort, no evidence of the plane’s fate has been found.