China Is Predicted To Expand Its Cyber Espionage Operations

Uploaded on 2024-03-25 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-China, FREE TO VIEW

China is facing major economic pressures from all sides. Its economy is still suffering from the effect of COVID, its manufacturing industry is shrinking, and its property sector is overleveraged due to an aggressive borrowing strategy. There are also signs of growing dissent amongst its youth, driven by rising unemployment.

Now, analysts at the threat intelligence firm Cyjax are warning that socio-economic turmoil in China could spell bad news for private industry.

Cyjax has recently announced its latest research, Broken China, analysing the turbulent socio-economic situation in China and how this will likely lead to an increase in cyber espionage activities by the People’s Republic of China (PRC) to give Chinese businesses a competitive edge.

The report says that although there are remedies that could aid in China’s economic recovery, its culture of nationalism and conservatism makes implementing them unlikely. There is also the threat of chillier US-China relations if Donald Trump returns to the White House, which could mean even higher trade tariffs than today.

With a bleak economic future looming, Cyjax predicts that the PRC will opt for more short-term solutions to grow its economy fast, and this will include more aggressive cyber espionage campaigns designed to steal foreign intellectual property (IP) and boost Chinese industry.  

The PRC uses various threat groups to conduct espionage campaigns and over the next year Cyjax expects a major uplift in activity from the following:

  • The Gallium group:   active since at least 2012, the group is well known for being part of Operation Soft Shell which targets global telecoms and Microsoft Exchange servers. The group targets and steals IP from telecommunication, financial, and government entities in Southeast Asia, Europe, Africa, and the Middle East.
  • Sandman:   the group targets telecommunication providers in the Middle East, Western Europe and South Asia. It uses a novel backdoor that abuses the LuaJIT platform to deliver malware.
  • MustangPanda:   the group had been observed to be targeting Beijing’s more local advisories mainly including Southeast Asian governments. 
  • VoltTyphoon:   believed to have been operating since 2021, the group targets critical US infrastructure for intelligence gathering purposes in alignment with the requirements of the PRC.

“China is a far more complex and nuanced territory than generally portrayed. Its internal pressures are likely to lead to increased cyber espionage activity, rather than slowing it down,” said Ian Thornton-Trump, CISO at Cyjax.

“The PRC’s approach to cyberspace has always been to use it to advance its business interests, extracting technologies from Western companies and creating a protected domestic market for these industries, giving them an advantage in the global market... A better understanding of the country’s internal forces, and how these relate to its cyber strategy, we can plan better defences against PRC cyber espionage.”

Cyjax     |     Cyjax     |     Security Magazine   

Image: gopixa

You Might Also Read: 

Intelligence Chiefs Accuse China Of IP Theft & Online Deception:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« $15m Bounty To Identify LockBit Bosses
Computers With Light-Speed Capabilities »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Indelible Data

Indelible Data

Indelible Data is an established information security and technology consultancy and a Cyber Essentials Certification Body.

Digital Gurus Recruitment

Digital Gurus Recruitment

Digital Gurus provide specialist recruitment services in areas including IT and information security

Illumio

Illumio

Illumio delivers adaptive security for every computing environment, protecting the 80% of data center and cloud traffic missed by the perimeter.

CLUSIS

CLUSIS

CLUSIS is an association for the information security industry in Switzerland.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

Cyberteq

Cyberteq

Cyberteq is an innovative Information and Communication Technology Consulting Company, enabling it’s customers to take full advantage of the latest technologies in a secure manner.

Netsafe

Netsafe

Netsafe is an independent, non-profit New Zealand organisation focused on online safety. We help people stay safe online by providing online safety education, advice and support.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

Trusted Objects

Trusted Objects

Trusted Object's mission is to provide state of the art security solutions and services enabling a strong root of trust for the IoT ecosystem.

Estio Training

Estio Training

Estio Training is a specialist digital and IT apprenticeships provider, dedicated to introducing new skills and developing existing talent in businesses across the UK.

Octo

Octo

Octo, an IBM company, is a technology firm dedicated to solving the Federal Government’s most complex challenges, enabling agencies to jump the technology curve.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

Bleckwen

Bleckwen

Bleckwen is a proven fraud detection system that helps financial institutions build trust with customers.

Dasera

Dasera

Dasera’s Radar and Interceptor products deliver visibility, governance, and protection solutions for data-agile companies.

doIT Solutions

doIT Solutions

doIT solutions specialize in IT security and infrastructure, security automation, data center, and cybersecurity.

Third Wave Innovations

Third Wave Innovations

Third Wave Innovations (formerly RCS Secure) offers a full spectrum of cybersecurity safeguards and IT services.