China Is Predicted To Expand Its Cyber Espionage Operations

Uploaded on 2024-03-25 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-China, FREE TO VIEW

China is facing major economic pressures from all sides. Its economy is still suffering from the effect of COVID, its manufacturing industry is shrinking, and its property sector is overleveraged due to an aggressive borrowing strategy. There are also signs of growing dissent amongst its youth, driven by rising unemployment.

Now, analysts at the threat intelligence firm Cyjax are warning that socio-economic turmoil in China could spell bad news for private industry.

Cyjax has recently announced its latest research, Broken China, analysing the turbulent socio-economic situation in China and how this will likely lead to an increase in cyber espionage activities by the People’s Republic of China (PRC) to give Chinese businesses a competitive edge.

The report says that although there are remedies that could aid in China’s economic recovery, its culture of nationalism and conservatism makes implementing them unlikely. There is also the threat of chillier US-China relations if Donald Trump returns to the White House, which could mean even higher trade tariffs than today.

With a bleak economic future looming, Cyjax predicts that the PRC will opt for more short-term solutions to grow its economy fast, and this will include more aggressive cyber espionage campaigns designed to steal foreign intellectual property (IP) and boost Chinese industry.  

The PRC uses various threat groups to conduct espionage campaigns and over the next year Cyjax expects a major uplift in activity from the following:

  • The Gallium group:   active since at least 2012, the group is well known for being part of Operation Soft Shell which targets global telecoms and Microsoft Exchange servers. The group targets and steals IP from telecommunication, financial, and government entities in Southeast Asia, Europe, Africa, and the Middle East.
  • Sandman:   the group targets telecommunication providers in the Middle East, Western Europe and South Asia. It uses a novel backdoor that abuses the LuaJIT platform to deliver malware.
  • MustangPanda:   the group had been observed to be targeting Beijing’s more local advisories mainly including Southeast Asian governments. 
  • VoltTyphoon:   believed to have been operating since 2021, the group targets critical US infrastructure for intelligence gathering purposes in alignment with the requirements of the PRC.

“China is a far more complex and nuanced territory than generally portrayed. Its internal pressures are likely to lead to increased cyber espionage activity, rather than slowing it down,” said Ian Thornton-Trump, CISO at Cyjax.

“The PRC’s approach to cyberspace has always been to use it to advance its business interests, extracting technologies from Western companies and creating a protected domestic market for these industries, giving them an advantage in the global market... A better understanding of the country’s internal forces, and how these relate to its cyber strategy, we can plan better defences against PRC cyber espionage.”

Cyjax     |     Cyjax     |     Security Magazine   

Image: gopixa

You Might Also Read: 

Intelligence Chiefs Accuse China Of IP Theft & Online Deception:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« $15m Bounty To Identify LockBit Bosses
Computers With Light-Speed Capabilities »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Kualitatem

Kualitatem

Kualitatem Inc. is an independent software testing and information systems auditing company

Vicarius

Vicarius

Vicarius’ mission is to revolutionize vulnerability management from problem detection to proactive problem resolution.

National Digital Exploitation Centre (NDEC) - United Kingdom

National Digital Exploitation Centre (NDEC) - United Kingdom

NDEC is a project to create a centre of cyber and digital development and education for the UK. It will offer training in digital practices, cyber security and research.

CI-CERT

CI-CERT

CI-CERT is the national Computer Incident Response Team for Cote d'Ivoire.

Sponge

Sponge

Sponge is a world-renowned digital learning provider on a mission to make learning unforgettable.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

Data Terminator

Data Terminator

Data Terminator provide a comprehensive range of secure data destruction equipment and services are in compliance to US Department of Defense (DoD) and National Security Agency (NSA) standards.

MillenniumIT ESP (MIT ESP)

MillenniumIT ESP (MIT ESP)

MillenniumIT ESP provides solutions and services around Core Infrastructure, Cloud, Cyber Security, Enterprise Applications, Intelligent Automation and Data, Smart Buildings, and Managed Services.

Tetra Defense

Tetra Defense

Tetra Defense is a leading incident response, cyber risk management and digital forensics firm.

Ankura Consulting Group

Ankura Consulting Group

Ankura is a global expert services and advisory firm that delivers services and end-to-end solutions in a wide range of areas including cybersecurity and digital transformation.

DataSixth Security Consulting

DataSixth Security Consulting

DataSixth delivers Cybersecurity Intelligence. With our unique capabilities, we’re able to deliver value, deliver answers, and deliver actionable security intelligence.

Fireblocks

Fireblocks

Fireblocks is a digital asset security platform that helps financial institutions protect digital assets from theft or hackers.

Harbor Networks

Harbor Networks

Harbor Networks is a communications systems integrator and managed services provider. We provide business consultation services for voice and data communication technology.

IT Solutions Consulting

IT Solutions Consulting

IT Solutions is a full-service IT partner providing managed services and other information technology solutions nationwide.

Faddom

Faddom

Faddom is an agentless tool that visualizes your on-premises and cloud infrastructure, as well as their inter-dependencies.

Mitigata

Mitigata

Welcome to Mitigata, your premier partner in cybersecurity insurance, defence, compliance, and consultancy.