Has China Become The Greatest Cyber Power?

A new research report by the threat intelligence experts IntSights explains the growing underground Asian Internet and provides and overview of the Dark Web landscape, government laws and attitudes towards cyber activity, primary uses and motivations, common black market goods and services and key threat actors. 

The report also delves into the Chinese Internet network, where many hackers are not even using the Dark Web or openly-accessible anonymous networks.

This has created an interesting dynamic between the Chinese government and its citizens and leads to a number of additional challenges threat hunters must work around. While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China's aggressive approach to cyber operations has made it "perhaps the world's greatest cyber power."

The nation's aggressive approach to using cyber operations to achieve political and national aims has set its cyber strategy apart from the more cautious and considered approaches of most other nations. Attackers linked to China have vacuumed up personally identifiable information on US and European citizens, stolen trade secrets and intellectual property, and exfiltrated classified information from government agencies, all without much political impact to the Chinese government.

As China's goals shift to broaden its reach worldwide, more of its effort has focused on the suppression of foreign and domestic opponents that are critical of the Chinese Communist Party. ‘China has taken the reins as the world's preeminent cyber power, evolving into a dynamic force capable of attacking and disrupting its economic and military adversaries while dominating weaker nations it seeks to control....Recent research indicates that China is shifting its cyber objectives, targets, and tactics, demonstrating its intent to exert its influence over the dynamic global digital landscape’, according to IntSights' "Dark Side of China: The Evolution of a Global Cyber Power" Report.

The US government has already designated China as the nation's top cyber adversary. And China will only increase its focus on cyber, says Etay Maor, cybersecurity expert and chief security officer at IntSights.

China's last Five-Year Plan, published in 2016, stated that the government would direct the country's manufacturing toward more innovative products from low-value goods, an obvious motivation for the country's continued attacks, he says. "When it comes to China, cyber is not a tactical weapon, it is a strategic means to an end," Maor says. "And if you are wondering what that end is, it is not something secret, it is something that is published every five years."

As part of the broader focus on the world stage, Chinese cyber attackers will likely continue to expand their scope of targets. In the past, the US and European targets bore the brunt of cyber-attacks from China-linked groups, but increasingly attacks are driven by the country's ambitions elsewhere, the report states.

India, Australia, and attacks on specific cultural and religious groups have suffered numerous attacks in the past few years.

"Over the past decade, China has become increasingly forthright in its intentions, and this change has been observed in cyber operations as well," the report states....Researchers have observed stark differences in tactics, tone, and behavior from Chinese state-sponsored cyber, military, and political parties over the past several years."

While some security experts may argue that the United States, or even Russia, should be considered the world's greatest cyber power, especially, if cyber is considered to be more than just cyber operations, the argument that China takes the top slot is not idle. In a press briefing in July, FBI Director Christopher Wray called Chinese cyber-attacks targeting US companies' intellectual property and gathering up the personal information of US citizens as "one of the largest transfers of wealth in human history."

The FBI blames China for the 2017 Equifax hack, which stole the personal data on 150 million Americans and noted that half of the 5,000 counterintelligence investigations currently being conducted in the United States are related to China.

Wicked Panda, or APT41, is emblematic of the rise in China's cyber operations capability. While the group, whose earliest activity dates back to 2012, and possibly 2008, originally focused on espionage campaigns, there has generally also been a financial component to its attacks as well.

IntSight report offers evidence that China’s been feeding on the investments of others and highlights China’s efforts to own the cyber battlefield with discussion on four distinct target sets:

  • India,
  • Australia,
  • Hong Kong 
  • Cultural and religious organisations. (Muslims, Falun Gong)

Overall, the group exhibits significant technical capabilities, using 150 different malware components from almost 50 code families, the report states.

China has also increasingly used disinformation campaigns, although historically against domestic targets. More recently, however, Chinese campaigns have targeted themes surrounding the coronavirus pandemic, deflecting any blame from China and pointing to the US as the source of the virus.

Intsights:    Dark Reading:         Security Boulevard:         PR Newswire

You Might Also Read:

China's Surveillance State Extends Beyond Its Borders:

 

« How Did Belarus Shut Down The Internet ?
Getting A Cyber Security Job »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Expand Executive Search

Expand Executive Search

Expand Executive Search provides specialist executive recruitment services in Technology, Communications and Digital Media.

Gamma

Gamma

Gamma provide a comprehensive range of next generation voice, data and mobile services including Managed Network Security and secure Mobile solutions.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

CompliancePoint

CompliancePoint

We design and implement strategies, processes & procedures to mitigate risk, reach compliance goals, protect data assets, and meet industry standards.

Atomicorp

Atomicorp

Atomicorp, the leader in Secure Linux, is a developer of solutions for the protection and support of cloud, virtual, shared, and dedicated web hosting environments.

GreatHorn

GreatHorn

GreatHorn offers the only cloud-native security platform that stops targeted social engineering and phishing attacks on communication tools like O365, G Suite, and Slack.

Thinkst Applied Research

Thinkst Applied Research

Thinkst is an Applied Research company with a deep focus on information security.

PSW Group

PSW Group

PSW Group is a full-service Internet solutions provider with a special focus on Internet security.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

SaltStack

SaltStack

SaltStack develops award-winning intelligent IT automation software. We help businesses more efficiently secure and manage all aspects of their digital infrastructure.

Tyler Technologies

Tyler Technologies

Tyler Technologies is a leading provider of end-to-end information management solutions and services for local governments.

Black Cybersecurity Association (BCA)

Black Cybersecurity Association (BCA)

Black Cybersecurity Association is an inclusive non-profit organization focused on community, and career mentorship for underrepresented minorities in the cybersecurity industry.

Speedinvest

Speedinvest

Speedinvest is one of Europe’s most active early-stage investors with a focus on Deep Tech, Fintech, Industrial Tech, Network Effects, and Digital Health.

Axellio

Axellio

Axellio provides economic, end-to-end cyber security solutions designed for your team, environment, and security objectives, providing packet level visibility across your network.

Nuts Technologies

Nuts Technologies

Nuts Technologies are simplifying data privacy and encryption with our innovative and novel data containers we call nuts based on our Zero Trust Data framework.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.