Pham Nhat Vuong (VinFast) sends hackers to intrude into BWM’s computer network? On December 6, 2019, ARD, Germany’s largest television station, reported the news, “German car industry targetted- BMW company being spied by hackers.” The following is the translation: According to information from BR station in Germany’s southern state of Bayern, a group of hackers succeeded in hacking the BMW computer network. It is a group of Vietnamese hackers that probably works for the Vietnamese government. The attack of this Vietnamese group of hackers began in 2019’s spring. The Munich automobile group eventually had to take the hacked computers out of the BMW system over the weekend. Earlier, BMW’s cybersecurity experts tracked the hackers for months. This is the result of an investigation by Bayerischer Rundfunk (BR) in Bayern, southern Germany. Next, South Korea’s carmaker Hyundai was also spied by hackers. Answering a BR question, the BMW company announced that it did not want to address each specific case. In general, “we have implemented mechanisms and procedures to minimize the risk of unauthorized external access to our systems and allow us to quickly detect, reproduce, and recover in case something goes wrong.” Hyundai company did not answer some of BR’s questions. Fabricating website and installing spy software In the case of BMW, according to a BR investigation, hackers attacked a computer until they successfully installed a spy software called “Cobalt Strike.” Hackers then use “Cobalt Strike” to conveniently monitor and control this computer remotely. To this end, hackers have set up a fake website that makes visitors think it belongs to a BMW branch in Thailand. In the case of Hyundai, the hackers also set up a similar fake website. Through this fake website, hackers can track within the networks and find out what storage locations and data files are there and which users are logged in. These steps help them expand the penetration of more computers. No hurry response Once hackers break into a corporate network, they often try to spy as unnoticed as possible. If a company detects its attackers, it is important to find out how far hackers have intruded. The company silently follows for this, sometimes lasting for months. At BMW, no sensitive data has been leaked, an anonymous cyber security expert said. Hackers also failed to penetrate in the systems located at the company’s headquarters in Munich, Germany. Hackers from Vietnam? The tools used and the way the hackers acted showed that it was a group called “OceanLotus”. This group has been known by security experts since 2014. It is suspected that these hackers are spying for the Vietnamese government. The Department of Cyber Security of Vietnam’s Ministry of Public Security Does Vietnamese government use hackers in the counter-espionage system? In Vietnam, hackers and cyber-attacks are a powerful aid of the state in controlling information and limiting online freedom of citizens, businesses and even foreign governments. This is a warning issued by three international organizations with extensive experience in cybersecurity, Veloxity, Electronic Frontier Foundation, and FireEye, continuously given in the past three years. The most recent assessment of the Vietnamese government’s use of hackers for counterintelligence is due to the research and development of Veloxity cybersecurity solutions – based in Washington DC, the US – launched on November 6, 2017. The headquarters of the Ministry of Public Security of Vietnam Accordingly, the Vietnamese government has launched and carried out a long-term, large-scale and methodical campaign on cyber attacks, as well as cyber espinonage. It is especially that Vietnam’s government has organized and operated a highly specialized cyber espionage group. The group uses various attacks on the Internet to directly sabotage the activities of organizations, individuals, businesses, and even foreign governments. Minister of Public Security General To Lam The cyber espionage group OceanLotus of the Vietnamese government Documents from the aforementioned organizations said that, possibly since 2014, the Vietnamese government has begun to use a cyber espinonage group known as OceanLotus (SeaLotus) or APT-C-00 and APT32 in the reports of research organizations specializing in cyber attacks worldwide. There is at least one report that shows that OceanLotus has been involved in the group of Deathly Hackers. The reason experts think that OceanLotus is directly run by the Vietnamese government is because this group only attacks companies or organizations that are closely related to Vietnam’s domestic and foreign policies. General Secretary Nguyen Phu Trong of the Communist Party of Vietnam visited Mr. Pham Nhat Vuong’s Vinfast Car assembly workshop The automotive industry in Vietnam has only been focused recently, since the end of 2018, cybersecurity expert Röcher explained. In June 2019, Vietnam’s Vingroup opened its first factory in which cars were manufactured. Brand is Vinfast. German companies play major roles as the supplier: BMW sold its two car models while Siemens connects the factory. In an interview with the German newspaper Handelsblatt, a manager in Vietnam emphasized: “Production is almost 100% German” Businesses in Vietnam often collude with senior Communist Party officials to manipulate and acquire resources and land of the country, in order to maximize profits without paying attention to losses of millions of people. Like China, crony groups have disregarded all to appropriate and steal technology and patent rights of other countries for illicit enrichment. As long as the Communist Party of Vietnam still exists the cyber attacks will continue and it will prove that the communists and red gangs are partnering in the country.