Has China Become The Greatest Cyber Power?

Uploaded on 2020-09-03 in INTELLIGENCE-Hot Spots-China, FREE TO VIEW

A new research report by the threat intelligence experts IntSights explains the growing underground Asian Internet and provides and overview of the Dark Web landscape, government laws and attitudes towards cyber activity, primary uses and motivations, common black market goods and services and key threat actors. 

The report also delves into the Chinese Internet network, where many hackers are not even using the Dark Web or openly-accessible anonymous networks.

This has created an interesting dynamic between the Chinese government and its citizens and leads to a number of additional challenges threat hunters must work around. While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China's aggressive approach to cyber operations has made it "perhaps the world's greatest cyber power."

The nation's aggressive approach to using cyber operations to achieve political and national aims has set its cyber strategy apart from the more cautious and considered approaches of most other nations. Attackers linked to China have vacuumed up personally identifiable information on US and European citizens, stolen trade secrets and intellectual property, and exfiltrated classified information from government agencies, all without much political impact to the Chinese government.

As China's goals shift to broaden its reach worldwide, more of its effort has focused on the suppression of foreign and domestic opponents that are critical of the Chinese Communist Party. ‘China has taken the reins as the world's preeminent cyber power, evolving into a dynamic force capable of attacking and disrupting its economic and military adversaries while dominating weaker nations it seeks to control....Recent research indicates that China is shifting its cyber objectives, targets, and tactics, demonstrating its intent to exert its influence over the dynamic global digital landscape’, according to IntSights' "Dark Side of China: The Evolution of a Global Cyber Power" Report.

The US government has already designated China as the nation's top cyber adversary. And China will only increase its focus on cyber, says Etay Maor, cybersecurity expert and chief security officer at IntSights.

China's last Five-Year Plan, published in 2016, stated that the government would direct the country's manufacturing toward more innovative products from low-value goods, an obvious motivation for the country's continued attacks, he says. "When it comes to China, cyber is not a tactical weapon, it is a strategic means to an end," Maor says. "And if you are wondering what that end is, it is not something secret, it is something that is published every five years."

As part of the broader focus on the world stage, Chinese cyber attackers will likely continue to expand their scope of targets. In the past, the US and European targets bore the brunt of cyber-attacks from China-linked groups, but increasingly attacks are driven by the country's ambitions elsewhere, the report states.

India, Australia, and attacks on specific cultural and religious groups have suffered numerous attacks in the past few years.

"Over the past decade, China has become increasingly forthright in its intentions, and this change has been observed in cyber operations as well," the report states....Researchers have observed stark differences in tactics, tone, and behavior from Chinese state-sponsored cyber, military, and political parties over the past several years."

While some security experts may argue that the United States, or even Russia, should be considered the world's greatest cyber power, especially, if cyber is considered to be more than just cyber operations, the argument that China takes the top slot is not idle. In a press briefing in July, FBI Director Christopher Wray called Chinese cyber-attacks targeting US companies' intellectual property and gathering up the personal information of US citizens as "one of the largest transfers of wealth in human history."

The FBI blames China for the 2017 Equifax hack, which stole the personal data on 150 million Americans and noted that half of the 5,000 counterintelligence investigations currently being conducted in the United States are related to China.

Wicked Panda, or APT41, is emblematic of the rise in China's cyber operations capability. While the group, whose earliest activity dates back to 2012, and possibly 2008, originally focused on espionage campaigns, there has generally also been a financial component to its attacks as well.

IntSight report offers evidence that China’s been feeding on the investments of others and highlights China’s efforts to own the cyber battlefield with discussion on four distinct target sets:

  • India,
  • Australia,
  • Hong Kong 
  • Cultural and religious organisations. (Muslims, Falun Gong)

Overall, the group exhibits significant technical capabilities, using 150 different malware components from almost 50 code families, the report states.

China has also increasingly used disinformation campaigns, although historically against domestic targets. More recently, however, Chinese campaigns have targeted themes surrounding the coronavirus pandemic, deflecting any blame from China and pointing to the US as the source of the virus.

Intsights:    Dark Reading:         Security Boulevard:         PR Newswire

You Might Also Read:

China's Surveillance State Extends Beyond Its Borders:

 

« How Did Belarus Shut Down The Internet ?
Getting A Cyber Security Job »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Hyper Recruitment Solutions

Hyper Recruitment Solutions

Hyper Recruitment Solutions is a specialist and highly compliant recruitment consultancy dedicated to the Science and Technology sectors.

mnemonic

mnemonic

mnemonic helps businesses manage their security risks, protect their data and defend against cyber threats.

TeachPrivacy

TeachPrivacy

TeachPrivacy provides computer-based privacy and data security training that is engaging, memorable, and understandable.

TCDI

TCDI

TCDI specializes in computer forensics, eDiscovery and cybersecurity services.

LEPL Cyber ​​Security Bureau - Georgia

LEPL Cyber ​​Security Bureau - Georgia

The aim of the LEPL Cyber Security Bureau is to create and strengthen stable, efficient and secure systems of information and communications technologies.

Verifi

Verifi

Verifi is an award-winning provider of end-to-end payment protection and risk management solutions.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Apozy

Apozy

Apozy replaces a secure web gateway to nullify phishing, malware and impersonation attacks.

Cyber Talents

Cyber Talents

CyberTalents is on a mission to close the gap of cyber security professionals shortage across the globe.

InfoLock

InfoLock

Infolock are experts in data governance, providing consulting and advisory services that help organizations effectively secure, manage, and optimize their data.

Neovera

Neovera

Neovera is a trusted provider of managed services including cyber security and enterprise cloud solutions, committed to delivering results through the innovative use of scalable enterprise-grade tech.

Secure Digital Solutions (SDS)

Secure Digital Solutions (SDS)

Secure Digital Solutions is a leading consulting firm in the business of information security providing cyber security program strategy, enterprise risk and compliance, and data privacy.

Breadcrumb Cybersecurity

Breadcrumb Cybersecurity

Breadcrumb Cybersecurity is a cybersecurity and advisory firm. We specialize in penetration testing, threat hunting, incident response, regulatory compliance, and employee training services.

Nucleon Security

Nucleon Security

Nucleon Endpoint Detection and Response EDR is the most effective way to protect the value created by your organization against any threat.

Custodia Continuity

Custodia Continuity

Custodia Continuity manage your Security, Backup, Continuity and Compliance. You get on with your business.

Telarus

Telarus

Telarus is a Technology Services Brokerage that holds contracts with the world's leading cloud voice, contact center, cybersecurity, mobility and IoT providers.