Has China Become The Greatest Cyber Power?

Uploaded on 2020-09-03 in INTELLIGENCE-Hot Spots-China, FREE TO VIEW

A new research report by the threat intelligence experts IntSights explains the growing underground Asian Internet and provides and overview of the Dark Web landscape, government laws and attitudes towards cyber activity, primary uses and motivations, common black market goods and services and key threat actors. 

The report also delves into the Chinese Internet network, where many hackers are not even using the Dark Web or openly-accessible anonymous networks.

This has created an interesting dynamic between the Chinese government and its citizens and leads to a number of additional challenges threat hunters must work around. While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China's aggressive approach to cyber operations has made it "perhaps the world's greatest cyber power."

The nation's aggressive approach to using cyber operations to achieve political and national aims has set its cyber strategy apart from the more cautious and considered approaches of most other nations. Attackers linked to China have vacuumed up personally identifiable information on US and European citizens, stolen trade secrets and intellectual property, and exfiltrated classified information from government agencies, all without much political impact to the Chinese government.

As China's goals shift to broaden its reach worldwide, more of its effort has focused on the suppression of foreign and domestic opponents that are critical of the Chinese Communist Party. ‘China has taken the reins as the world's preeminent cyber power, evolving into a dynamic force capable of attacking and disrupting its economic and military adversaries while dominating weaker nations it seeks to control....Recent research indicates that China is shifting its cyber objectives, targets, and tactics, demonstrating its intent to exert its influence over the dynamic global digital landscape’, according to IntSights' "Dark Side of China: The Evolution of a Global Cyber Power" Report.

The US government has already designated China as the nation's top cyber adversary. And China will only increase its focus on cyber, says Etay Maor, cybersecurity expert and chief security officer at IntSights.

China's last Five-Year Plan, published in 2016, stated that the government would direct the country's manufacturing toward more innovative products from low-value goods, an obvious motivation for the country's continued attacks, he says. "When it comes to China, cyber is not a tactical weapon, it is a strategic means to an end," Maor says. "And if you are wondering what that end is, it is not something secret, it is something that is published every five years."

As part of the broader focus on the world stage, Chinese cyber attackers will likely continue to expand their scope of targets. In the past, the US and European targets bore the brunt of cyber-attacks from China-linked groups, but increasingly attacks are driven by the country's ambitions elsewhere, the report states.

India, Australia, and attacks on specific cultural and religious groups have suffered numerous attacks in the past few years.

"Over the past decade, China has become increasingly forthright in its intentions, and this change has been observed in cyber operations as well," the report states....Researchers have observed stark differences in tactics, tone, and behavior from Chinese state-sponsored cyber, military, and political parties over the past several years."

While some security experts may argue that the United States, or even Russia, should be considered the world's greatest cyber power, especially, if cyber is considered to be more than just cyber operations, the argument that China takes the top slot is not idle. In a press briefing in July, FBI Director Christopher Wray called Chinese cyber-attacks targeting US companies' intellectual property and gathering up the personal information of US citizens as "one of the largest transfers of wealth in human history."

The FBI blames China for the 2017 Equifax hack, which stole the personal data on 150 million Americans and noted that half of the 5,000 counterintelligence investigations currently being conducted in the United States are related to China.

Wicked Panda, or APT41, is emblematic of the rise in China's cyber operations capability. While the group, whose earliest activity dates back to 2012, and possibly 2008, originally focused on espionage campaigns, there has generally also been a financial component to its attacks as well.

IntSight report offers evidence that China’s been feeding on the investments of others and highlights China’s efforts to own the cyber battlefield with discussion on four distinct target sets:

  • India,
  • Australia,
  • Hong Kong 
  • Cultural and religious organisations. (Muslims, Falun Gong)

Overall, the group exhibits significant technical capabilities, using 150 different malware components from almost 50 code families, the report states.

China has also increasingly used disinformation campaigns, although historically against domestic targets. More recently, however, Chinese campaigns have targeted themes surrounding the coronavirus pandemic, deflecting any blame from China and pointing to the US as the source of the virus.

Intsights:    Dark Reading:         Security Boulevard:         PR Newswire

You Might Also Read:

China's Surveillance State Extends Beyond Its Borders:

 

« How Did Belarus Shut Down The Internet ?
Getting A Cyber Security Job »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

ThreatConnect

ThreatConnect

ThreatConnect is an enterprise threat intelligence platform by Cyber Squared bridging incident response, defense, and threat analysis for InfoSec & DFIR teams.

Lookout

Lookout

Lookout is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack.

LexisNexis Risk Solutions

LexisNexis Risk Solutions

LexisNexis Risk Solutions provides technology solutions for Anti-Money Laundering, Fraud Mitigation, Anti-Bribery and Corruption, Identity Management, Tracing and Investigation.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Curtail

Curtail

Curtail keeps businesses running by using live traffic analysis to identify defects before software goes live, and detect and isolate security threats before they impact systems.

Noname Security

Noname Security

Noname Security detects and resolves API vulnerabilities and misconfigurations before they are exploited.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

R-Tech

R-Tech

R-Tech GmbH manages the digital start-up initiative, whose goal is to build a sustainable start-up culture in the field of digitization throughout the Upper Palatinate district of Bavaria.

Wing Security

Wing Security

Wing fosters a stronger security culture by engaging SaaS end-users and enabling easy communication with security teams.

Technivorus Technology

Technivorus Technology

Technivorus is a deep-tech firm delivering customized Cybersecurity, Digital Marketing, Web & App Development, and multifarious IT services for businesses across the globe.

Josef Ressel Centre for Intelligent & Secure Industrial Automation

Josef Ressel Centre for Intelligent & Secure Industrial Automation

The Josef Ressel Centre for Intelligent and Secure Industrial Automation investigates the fundamentals of digital assistants for industrial machines that enable intelligent and secure operation.

Strata Information Group (SIG)

Strata Information Group (SIG)

Strata Information Group (SIG) is a trusted partner in IT solutions and consulting services.

Orchestrate Technologies

Orchestrate Technologies

Orchestrate Technologies provides computer network and IT managed services for small and mid-market clients as well as small enterprise businesses.

Doherty Associates

Doherty Associates

Drawing on our deep industry knowledge and business insight, Doherty deliver intelligent IT solutions and services that help people work more securely, more productively and more creatively.

Idenhaus Consulting

Idenhaus Consulting

Idenhaus specializes in Cybersecurity and Identity Management (IAM) Consulting.