Has China Become The Greatest Cyber Power?

Uploaded on 2020-09-03 in INTELLIGENCE-Hot Spots-China, FREE TO VIEW

A new research report by the threat intelligence experts IntSights explains the growing underground Asian Internet and provides and overview of the Dark Web landscape, government laws and attitudes towards cyber activity, primary uses and motivations, common black market goods and services and key threat actors. 

The report also delves into the Chinese Internet network, where many hackers are not even using the Dark Web or openly-accessible anonymous networks.

This has created an interesting dynamic between the Chinese government and its citizens and leads to a number of additional challenges threat hunters must work around. While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China's aggressive approach to cyber operations has made it "perhaps the world's greatest cyber power."

The nation's aggressive approach to using cyber operations to achieve political and national aims has set its cyber strategy apart from the more cautious and considered approaches of most other nations. Attackers linked to China have vacuumed up personally identifiable information on US and European citizens, stolen trade secrets and intellectual property, and exfiltrated classified information from government agencies, all without much political impact to the Chinese government.

As China's goals shift to broaden its reach worldwide, more of its effort has focused on the suppression of foreign and domestic opponents that are critical of the Chinese Communist Party. ‘China has taken the reins as the world's preeminent cyber power, evolving into a dynamic force capable of attacking and disrupting its economic and military adversaries while dominating weaker nations it seeks to control....Recent research indicates that China is shifting its cyber objectives, targets, and tactics, demonstrating its intent to exert its influence over the dynamic global digital landscape’, according to IntSights' "Dark Side of China: The Evolution of a Global Cyber Power" Report.

The US government has already designated China as the nation's top cyber adversary. And China will only increase its focus on cyber, says Etay Maor, cybersecurity expert and chief security officer at IntSights.

China's last Five-Year Plan, published in 2016, stated that the government would direct the country's manufacturing toward more innovative products from low-value goods, an obvious motivation for the country's continued attacks, he says. "When it comes to China, cyber is not a tactical weapon, it is a strategic means to an end," Maor says. "And if you are wondering what that end is, it is not something secret, it is something that is published every five years."

As part of the broader focus on the world stage, Chinese cyber attackers will likely continue to expand their scope of targets. In the past, the US and European targets bore the brunt of cyber-attacks from China-linked groups, but increasingly attacks are driven by the country's ambitions elsewhere, the report states.

India, Australia, and attacks on specific cultural and religious groups have suffered numerous attacks in the past few years.

"Over the past decade, China has become increasingly forthright in its intentions, and this change has been observed in cyber operations as well," the report states....Researchers have observed stark differences in tactics, tone, and behavior from Chinese state-sponsored cyber, military, and political parties over the past several years."

While some security experts may argue that the United States, or even Russia, should be considered the world's greatest cyber power, especially, if cyber is considered to be more than just cyber operations, the argument that China takes the top slot is not idle. In a press briefing in July, FBI Director Christopher Wray called Chinese cyber-attacks targeting US companies' intellectual property and gathering up the personal information of US citizens as "one of the largest transfers of wealth in human history."

The FBI blames China for the 2017 Equifax hack, which stole the personal data on 150 million Americans and noted that half of the 5,000 counterintelligence investigations currently being conducted in the United States are related to China.

Wicked Panda, or APT41, is emblematic of the rise in China's cyber operations capability. While the group, whose earliest activity dates back to 2012, and possibly 2008, originally focused on espionage campaigns, there has generally also been a financial component to its attacks as well.

IntSight report offers evidence that China’s been feeding on the investments of others and highlights China’s efforts to own the cyber battlefield with discussion on four distinct target sets:

  • India,
  • Australia,
  • Hong Kong 
  • Cultural and religious organisations. (Muslims, Falun Gong)

Overall, the group exhibits significant technical capabilities, using 150 different malware components from almost 50 code families, the report states.

China has also increasingly used disinformation campaigns, although historically against domestic targets. More recently, however, Chinese campaigns have targeted themes surrounding the coronavirus pandemic, deflecting any blame from China and pointing to the US as the source of the virus.

Intsights:    Dark Reading:         Security Boulevard:         PR Newswire

You Might Also Read:

China's Surveillance State Extends Beyond Its Borders:

 

« How Did Belarus Shut Down The Internet ?
Getting A Cyber Security Job »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MetaCompliance

MetaCompliance

MetaCompliance is a cyber security and compliance organisation that helps transform your company culture and safeguard your data and values.

Lumeta

Lumeta

Lumeta’s cyber situational awareness platform is the unmatched source for enterprise network infrastructure analytics and security monitoring for breach detection.

Government Communications Headquarters (GCHQ)

Government Communications Headquarters (GCHQ)

GCHQ defends Government systems from cyber threat, provide support to the Armed Forces and strive to keep the public safe, in real life and online.

Netsparker

Netsparker

Netsparker provide a web application security scanner to automatically find security flaws in your websites, web applications and web services.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

First Response

First Response

First Response is a Cyber Incident Response and Digital Forensic Investigation company.

Commonwealth Cybercrime Initiative (CCI)

Commonwealth Cybercrime Initiative (CCI)

The CCI unites 35 international organisations contributing to multidisciplinary programmes in Commonwealth countries. These organisations form the CCI Consortium.

SignalSEC

SignalSEC

SignalSEC provides vulnerability intelligence, malware analysis, penetration testing and associated training services.

Swissbit

Swissbit

Swissbit AG is the leading European manufacturer of storage, security and embedded IoT solutions for demanding applications.

Cyber Management Alliance

Cyber Management Alliance

Cyber Management Alliance is closing the divide in cyberspace by bringing together the best qualities of thought leadership and operational mastery of cyber security management.

Traceable

Traceable

Traceable was founded to protect applications from next-generation attacks.

Information Security Officers Group (ISOG)

Information Security Officers Group (ISOG)

ISOG's mission is to strengthen information security through awareness and education programs, promoting community and fellowship among information security leaders.

Supra ITS

Supra ITS

Supra ITS is a leading full-service technology partner offering IT Consulting, Cloud Services, 24x7 Managed IT & Cybersecurity Services, and IT Project Support.

Blue Bastion

Blue Bastion

Don’t give cybercriminals the chance to find weaknesses in your company’s cyber security system. Defend your institution from all attacks from all directions with Blue Bastion.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

Standard Notes

Standard Notes

Standard Notes is a secure digital notes app that protects your notes and files with audited, industry-leading end-to-end encryption.