Preparing For A South China Sea Cyber Storm

As tensions between China and the US heat up, strategic moves are gaining traction that will inevitably have repercussions on the Western world for generations.

However, the world must be aware that as the geopolitical landscape continues to fracture, cyberspace will almost certainly act as a second front for nation states to achieve their agendas, potentially impacting global businesses across the industry spectrum.

The perceived threat posed by Beijing is manifested by the territorial disputes between China with both Japan and the Philippines respectively, with the former regarding the Senkaku Islands in the East China Sea and the latter pertaining to Second Thomas Shoal, located close to the coast of the Philippine Island of Palawan. Taiwan also plays a critical role with China bent on reunification with the island.

However, Beijing cannot realistically invade Taiwan without encountering the Philippines or Japanese bases. Why?

Primarily because there is a proximity of less than a few hundred miles of water separating Philippine and Japanese territory from Taiwan. Further, both the Philippines President Ferdinand Marcos Jr and the Japanese Prime Minister Fumio Kishida have publicly stated that peace in Taiwan is essential to their respective national security postures.

Has China United A Tri-Lateral Faction? 

US President Joe Biden and his counterparts, Kishida and Marcos Jr., held the first-ever U.S.-Japan-Philippines trilateral summit on April 11th, highlighting the importance of the US Indo-Pacific Strategy, with the leaders pledging to pursue a free and open Indo-Pacific “for decades to come.”

A recently formed trilateral US-Japan-Philippines relationship is not the only faction threatening Chinese interests these days as the US, Japan and South Korea have also enhanced their defense cooperation; whilst Tokyo is strengthening security ties with the Southeast Asian thorn in the side of Beijing, that is Vietnam. 

An Artificial Chinese Response? 

The current Biden administration will likely view this new partnership as a method of withstanding potential leadership changes in the upcoming US Presidential Election in November. However, we have assessed that this will likely face serious challenges from cyber actors across the Far East.  

Beijing’s increasing interest in the Taiwan Strait will likely result in surging Chinese state cyber actor operations throughout the period leading up the November 5th US Presidential Election as a potential conflict in the region could be influenced by Washington’s desires to preserve stability in the area.

We have assessed that aggressive social media disinformation operations will likely target US businesses and government officials to shape the global information domain in favor of Chinese interests.

These nation state-level offensive protocols will likely impact the technology sector with China demonstrating increasing levels of sophistication including the incorporation of generative artificial intelligence (GenAI) technologies, that would allow for scaled campaigns, resulting in social tensions and the erosion of confidence in US-based establishments. 

Impacted Western Sectors 

As China inches closer to its intelligence gathering objectives, its state actors have pivoted to a more destructive posture by launching cyber-attacks, including a recent Volt Typhoon operation, against US-based critical national infrastructure and military assets in what we have assessed to likely be a pre-positioned attack against Western infrastructure as a precursor for any potential military conflicts with Washington and to disrupt communications between the US and its allies within East Asia, including Taiwan and Japan. This could potentially deter US military engagements by delaying US decision making, inducing societal panic, and interfering with the deployment of US forces.

We have assessed that these offensive efforts will likely spill over into the education, energy, finance, government, and healthcare, as well as the aerospace and defense verticals. 

Defense Strategies 

Based on the attack chain that we have detected to have been incorporated by Chinese sponsored cyber forces, the Quorum Cyber Threat Intelligence team strongly recommends that organizations implement the following defensive measures to strengthen operational resilience: 

Initial Assessment 

  •  Assess the organization’s current security posture and implement Cybersecurity Performance Goals (CPGs) to bolster resilience.  
  • Establish a baseline normal host behavior and user activity to detect anomalous activity on endpoints when reviewing logs. 

Mitigate Risk 

  • Prioritize logging (e.g., command-line interface “CLI”) and close and/or monitor high-risk ports (e.g., Remote Desktop Protocol, Server Message Block).
  • Establish the principle of least privilege by isolating privileged administrator actions and locations to a manageable subset of locations, where effective baselines can be established.

 
Craig Watt is a Threat Intelligence Consultant at Quorum Cyber  

Image: Ideogram

You Might Also Read: 

Cyber Aftermath From The Airstrike On Syria’s Iranian Consulate:  


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible



 

« Rising AI Security Threats To Small Businesses
Taiwan Targeted In Espionage Campaign »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

SI-CERT

SI-CERT

SI-CERT (Slovenian Computer Emergency Response Team) is the national cyber scurity incident response center for Slovenia.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

PhishLabs

PhishLabs

PhishLabs provides 24/7 services that help organizations protect against the cyberattacks targeting their employees, their customers and their brands.

Trust in Digital Life (TDL)

Trust in Digital Life (TDL)

TDL is a membership association comprising companies, SMEs, universities and research institutes who exchange experience and insights to make digital services in Europe trustworthy and safe.

NEC

NEC

NEC offers a complete array of solutions to governments and enterprises to protect themselves from the threats of digital disruption.

Skurio

Skurio

Skurio create cost-effective, intuitive and powerful Cloud based solutions to identify threats, detect data breaches outside the network and automate the response.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

Razorpoint Cybersecurity

Razorpoint Cybersecurity

Razorpoint’s world-class security experts have provided advanced, effective cybersecurity expertise to corporate and public-sector organizations around the world.

Bfore.ai

Bfore.ai

Stop future attacks, today. Bfore.ai is an operational threat intelligence feed to add predictive technology to your security infrastructure.

Accops Systems

Accops Systems

Accops enables secure and instant remote access to business applications from any device and network, ensuring compliant enterprise mobility.

Wavenet

Wavenet

Wavenet has grown from simple beginnings to become one of the UK’s market leaders in unified communications, business telephony, and Cyber Security solutions.

Keepit

Keepit

Keepit offer all-inclusive, secure, and reliable backup and recovery services for your data.

Somos

Somos

From voice to messaging to fraud prevention and beyond, Somos are committed to developing innovative solutions that ensure that our ability to maintain trustworthy connections never stops.

CyberGrape

CyberGrape

CyberGrape is a client centric managed services company, providing enterprise leading security solutions and helping companies through their IT risk and security challenges.

Replica

Replica

Replica creates authentic virtual environments that ensure identities and assets are always protected no matter where or what work needs to get done.

Axiler

Axiler

Axiler’s AI-driven self-healing architecture seamlessly detect, patch, and neutralize threats in real-time, ensuring systems remain secure and ever-adaptable.