China Is Predicted To Expand Its Cyber Espionage Operations

China is facing major economic pressures from all sides. Its economy is still suffering from the effect of COVID, its manufacturing industry is shrinking, and its property sector is overleveraged due to an aggressive borrowing strategy. There are also signs of growing dissent amongst its youth, driven by rising unemployment.

Now, analysts at the threat intelligence firm Cyjax are warning that socio-economic turmoil in China could spell bad news for private industry.

Cyjax has recently announced its latest research, Broken China, analysing the turbulent socio-economic situation in China and how this will likely lead to an increase in cyber espionage activities by the People’s Republic of China (PRC) to give Chinese businesses a competitive edge.

The report says that although there are remedies that could aid in China’s economic recovery, its culture of nationalism and conservatism makes implementing them unlikely. There is also the threat of chillier US-China relations if Donald Trump returns to the White House, which could mean even higher trade tariffs than today.

With a bleak economic future looming, Cyjax predicts that the PRC will opt for more short-term solutions to grow its economy fast, and this will include more aggressive cyber espionage campaigns designed to steal foreign intellectual property (IP) and boost Chinese industry.  

The PRC uses various threat groups to conduct espionage campaigns and over the next year Cyjax expects a major uplift in activity from the following:

  • The Gallium group: active since at least 2012, the group is well known for being part of Operation Soft Shell, which targets global telecoms and Microsoft Exchange servers. The group targets and steals IP from telecommunication, financial, and government entities in Southeast Asia, Europe, Africa, and the Middle East.
  • Sandman: the group targets telecommunication providers in the Middle East, Western Europe and South Asia. It uses a novel backdoor that abuses the LuaJIT platform to deliver malware.
  • Mustang Panda: the group has been observed targeting Beijing’s more local adversaries, mainly Southeast Asian governments.
  • Volt Typhoon: believed to have been operating since 2021, the group targets critical US infrastructure for intelligence-gathering purposes in alignment with the requirements of the PRC.

“China is a far more complex and nuanced territory than generally portrayed. Its internal pressures are likely to lead to increased cyber espionage activity, rather than slowing it down,” said Ian Thornton-Trump, CISO at Cyjax.

“The PRC’s approach to cyberspace has always been to use it to advance its business interests, extracting technologies from Western companies and creating a protected domestic market for these industries, giving them an advantage in the global market... With a better understanding of the country’s internal forces, and how these relate to its cyber strategy, we can plan better defences against PRC cyber espionage.”

Cyjax     |     Cyjax     |     Security Magazine   
