China Is Predicted To Expand Its Cyber Espionage Operations

China is facing major economic pressures from all sides. Its economy is still suffering from the effect of COVID, its manufacturing industry is shrinking, and its property sector is overleveraged due to an aggressive borrowing strategy. There are also signs of growing dissent amongst its youth, driven by rising unemployment.

Now, analysts at the threat intelligence firm Cyjax are warning that socio-economic turmoil in China could spell bad news for private industry.

Cyjax has recently announced its latest research, Broken China, analysing the turbulent socio-economic situation in China and how this will likely lead to an increase in cyber espionage activities by the People’s Republic of China (PRC) to give Chinese businesses a competitive edge.

The report says that although there are remedies that could aid in China’s economic recovery, its culture of nationalism and conservatism makes implementing them unlikely. There is also the threat of chillier US-China relations if Donald Trump returns to the White House, which could mean even higher trade tariffs than today.

With a bleak economic future looming, Cyjax predicts that the PRC will opt for more short-term solutions to grow its economy fast, and this will include more aggressive cyber espionage campaigns designed to steal foreign intellectual property (IP) and boost Chinese industry.  

The PRC uses various threat groups to conduct espionage campaigns and over the next year Cyjax expects a major uplift in activity from the following:

  • The Gallium group:   active since at least 2012, the group is well known for being part of Operation Soft Shell which targets global telecoms and Microsoft Exchange servers. The group targets and steals IP from telecommunication, financial, and government entities in Southeast Asia, Europe, Africa, and the Middle East.
  • Sandman:   the group targets telecommunication providers in the Middle East, Western Europe and South Asia. It uses a novel backdoor that abuses the LuaJIT platform to deliver malware.
  • MustangPanda:   the group had been observed to be targeting Beijing’s more local advisories mainly including Southeast Asian governments. 
  • VoltTyphoon:   believed to have been operating since 2021, the group targets critical US infrastructure for intelligence gathering purposes in alignment with the requirements of the PRC.

“China is a far more complex and nuanced territory than generally portrayed. Its internal pressures are likely to lead to increased cyber espionage activity, rather than slowing it down,” said Ian Thornton-Trump, CISO at Cyjax.

“The PRC’s approach to cyberspace has always been to use it to advance its business interests, extracting technologies from Western companies and creating a protected domestic market for these industries, giving them an advantage in the global market... A better understanding of the country’s internal forces, and how these relate to its cyber strategy, we can plan better defences against PRC cyber espionage.”

Cyjax     |     Cyjax     |     Security Magazine   

Image: gopixa

You Might Also Read: 

Intelligence Chiefs Accuse China Of IP Theft & Online Deception:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« $15m Bounty To Identify LockBit Bosses
Computers With Light-Speed Capabilities »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

SafeCharge

SafeCharge

SafeCharge is a global provider of technology-based multi-channel payments services and risk management solutions for demanding businesses.

BPC Banking Technologies

BPC Banking Technologies

BPC’s advanced fraud prevention solution helps card issuers and acquirers combat the growing threat by monitoring 100% of transactions, online, in real-time across all channels.

GuidePoint Security

GuidePoint Security

GuidePoint Security provide information security solutions that enable commercial and federal organizations to more successfully achieve their security and business goals.

Tech Mahindra

Tech Mahindra

Tech Mahindra is a global leader in IT solutions, BPO, business consulting services & digital technologies.

ArcRan Information Technology

ArcRan Information Technology

ArcRan concentrates on developing comprehensive cybersecurity solutions for smart city applications. We believe that cybersecurity is the fundamental enabler of IoT development.

Trusted Security Solutions (TSS)

Trusted Security Solutions (TSS)

TSS are specialist in IT Security and providing Cybersecurity Solutions & Services combined with storage and backup.

Dawgen Global

Dawgen Global

Dawgen Global is an integrated multidisciplinary professional service firm in the Caribbean Region providing a range of services including Risk Management and Information Systems Assurance.

Morpheus Enterprises

Morpheus Enterprises

Morpheus Enterprises offer managed security solutions designed to keep your web applications secure and your business running smoothly.

Accenture

Accenture

Accenture is a leading global professional services company providing a range of strategy, consulting, digital, technology & operations services and solutions including cybersecurity.

Cloudflare

Cloudflare

Cloudflare is a global network designed to make everything you connect to the Internet secure, private, fast, and reliable.

CYMAR

CYMAR

CYMAR The “CYBER” Smart Solution to offer sustainability and bring resilience to Global SMART Terminals and protect the supply chain of the World’s economy.

CyberUp

CyberUp

CyberUp is a nonprofit organization created to strengthen the cybersecurity workforce. We help employers reimagine how they grow and scale their cybersecurity workforce.

Summit 7 (S7)

Summit 7 (S7)

Summit 7 is a national leader in cybersecurity, compliance, and managed services for the Aerospace and Defense industry and corporate enterprises.

BluSapphire

BluSapphire

BluSapphire is an industry-first, purpose-built, cloud-native, Hybrid XDR platform powered by AI and big data analytics.

CentriVault

CentriVault

CentriVault is a leading independent provider of Cyber Security and Data protection services to small and medium enterprises (SMEs).

Cambridge International Systems

Cambridge International Systems

For more than 25 years, Cambridge has been fighting bad actors in both the cyber and physical worlds.