Malaysian Prime Minister Mahathir Mohamad, who took power after an election win in May, will be in China on Friday seeking to renegotiate and possibly cancel billions of dollars worth of Chinese-invested projects authorized by his predecessor, Najib Razak.
China’s Belt and Road Initiative (BRI), unveiled in 2013, aims to develop a network of land and sea links with Southeast Asia, Central Asia, the Middle East, Europe and Africa.
FireEye said it had found indications that cyber espionage activities were increasing throughout Southeast Asia, as China-based groups and others sought to gain information on BRI projects and deals.
Malaysia’s recent political changes and its reassessment of China-backed projects put it at heightened risk of such activity, FireEye’s head of global intelligence operations, Sandra Joyce, told a media briefing.
“Malaysia is looking more and more like a typical target of Chinese state-sponsored cyber activity,” she said.
“As Chinese investments continue to be scrutinized, that is going to be a motivator for groups … to gain more intelligence and information on the future of these projects.”
The Malaysian prime minister’s office did not immediately respond to a request for comment, while a spokesman for the foreign ministry declined to comment.
China opposes all forms of hacking, its foreign ministry told Reuters in a statement.
“China is a resolute protector of internet security, and advocates that the international community should jointly face internet security threats via dialogue and cooperation on the basis of mutual respect, equality and mutual benefit,” it added.
Joyce said Malaysian targets could include any company or agency involved in a $20-billion East Coast Rail Link (ECRL) project.
The 688-km (428-mile) project, linking Malaysia’s west coast with ports in the east, has been suspended pending discussions over pricing and graft allegations.
Mahathir’s government also halted work on two projects worth more than $2.3 billion awarded to the China Petroleum Pipeline Bureau.
Joyce said its observations on Malaysia were in keeping with developments in other countries with major BRI interests such as Belarus, which has been targeted by a Chinese group called Roaming Tiger.
FireEye said in July that a China-based group identified as TEMP.Periscope had interfered in a general election in Cambodia, breaching systems used by several Cambodian state agencies and political entities.