Has China Become The Greatest Cyber Power?

A new research report by the threat intelligence experts IntSights explains the growing underground Asian Internet and provides and overview of the Dark Web landscape, government laws and attitudes towards cyber activity, primary uses and motivations, common black market goods and services and key threat actors. 

The report also delves into the Chinese Internet network, where many hackers are not even using the Dark Web or openly-accessible anonymous networks.

This has created an interesting dynamic between the Chinese government and its citizens and leads to a number of additional challenges threat hunters must work around. While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China's aggressive approach to cyber operations has made it "perhaps the world's greatest cyber power."

The nation's aggressive approach to using cyber operations to achieve political and national aims has set its cyber strategy apart from the more cautious and considered approaches of most other nations. Attackers linked to China have vacuumed up personally identifiable information on US and European citizens, stolen trade secrets and intellectual property, and exfiltrated classified information from government agencies, all without much political impact to the Chinese government.

As China's goals shift to broaden its reach worldwide, more of its effort has focused on the suppression of foreign and domestic opponents that are critical of the Chinese Communist Party. ‘China has taken the reins as the world's preeminent cyber power, evolving into a dynamic force capable of attacking and disrupting its economic and military adversaries while dominating weaker nations it seeks to control....Recent research indicates that China is shifting its cyber objectives, targets, and tactics, demonstrating its intent to exert its influence over the dynamic global digital landscape’, according to IntSights' "Dark Side of China: The Evolution of a Global Cyber Power" Report.

The US government has already designated China as the nation's top cyber adversary. And China will only increase its focus on cyber, says Etay Maor, cybersecurity expert and chief security officer at IntSights.

China's last Five-Year Plan, published in 2016, stated that the government would direct the country's manufacturing toward more innovative products from low-value goods, an obvious motivation for the country's continued attacks, he says. "When it comes to China, cyber is not a tactical weapon, it is a strategic means to an end," Maor says. "And if you are wondering what that end is, it is not something secret, it is something that is published every five years."

As part of the broader focus on the world stage, Chinese cyber attackers will likely continue to expand their scope of targets. In the past, the US and European targets bore the brunt of cyber-attacks from China-linked groups, but increasingly attacks are driven by the country's ambitions elsewhere, the report states.

India, Australia, and attacks on specific cultural and religious groups have suffered numerous attacks in the past few years.

"Over the past decade, China has become increasingly forthright in its intentions, and this change has been observed in cyber operations as well," the report states....Researchers have observed stark differences in tactics, tone, and behavior from Chinese state-sponsored cyber, military, and political parties over the past several years."

While some security experts may argue that the United States, or even Russia, should be considered the world's greatest cyber power, especially, if cyber is considered to be more than just cyber operations, the argument that China takes the top slot is not idle. In a press briefing in July, FBI Director Christopher Wray called Chinese cyber-attacks targeting US companies' intellectual property and gathering up the personal information of US citizens as "one of the largest transfers of wealth in human history."

The FBI blames China for the 2017 Equifax hack, which stole the personal data on 150 million Americans and noted that half of the 5,000 counterintelligence investigations currently being conducted in the United States are related to China.

Wicked Panda, or APT41, is emblematic of the rise in China's cyber operations capability. While the group, whose earliest activity dates back to 2012, and possibly 2008, originally focused on espionage campaigns, there has generally also been a financial component to its attacks as well.

IntSight report offers evidence that China’s been feeding on the investments of others and highlights China’s efforts to own the cyber battlefield with discussion on four distinct target sets:

  • India,
  • Australia,
  • Hong Kong 
  • Cultural and religious organisations. (Muslims, Falun Gong)

Overall, the group exhibits significant technical capabilities, using 150 different malware components from almost 50 code families, the report states.

China has also increasingly used disinformation campaigns, although historically against domestic targets. More recently, however, Chinese campaigns have targeted themes surrounding the coronavirus pandemic, deflecting any blame from China and pointing to the US as the source of the virus.

Intsights:    Dark Reading:         Security Boulevard:         PR Newswire

You Might Also Read:

China's Surveillance State Extends Beyond Its Borders:

 

« How Did Belarus Shut Down The Internet ?
Getting A Cyber Security Job »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Original Software

Original Software

Original Software offers a test automation solution focused completely on the goal of effective software quality management.

European Cyber Security Organisation (ECSO)

European Cyber Security Organisation (ECSO)

The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote and encourage European cybersecurity.

Ovarro

Ovarro

Ovarro is the new name for Servelec Technologies and Primayer. Ovarro's technology is used throughout the world to monitor, control and manage critical and national infrastructure.

Zivver

Zivver

Zivver is the effortless, secure email platform, powering the next generation of secure communications.

Raytheon Technologies

Raytheon Technologies

Raytheon Intelligence & Space delivers solutions that protect every side of cyber for government agencies, businesses and nations.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

Silensec

Silensec

Silensec is a management consulting, technology services and training company specialized in information security.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

CyberFortress

CyberFortress

CyberFortress is an insuretech startup offering a new kind of online business interruption policy designed for small business.

ChaosSearch

ChaosSearch

ChaosSearch is a massively scalable ELK-compatible log analysis platform delivered as a fully managed service with high-performance and low cost.

SIEM Xpert

SIEM Xpert

SIEM Xpert is a leader in Cyber Security Trainings and services since 2015.

QEDIT

QEDIT

QEDIT is leading the standardization of Zero-Knowledge Proofs through the ZKProof.org Workshops, and builds production-grade ZKP systems for blockchain.

Trustack

Trustack

Trustack services cover connectivity, infrastructure services, security, unified comms, agile working and more. Our team of consultants deliver customised solutions tailored to your needs.

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Auto-ISAC provides a forum for companies to analyze and identify threats sooner and share solutions that enhance vehicle cybersecurity.

CovertSwarm

CovertSwarm

Since 2020 CovertSwarm have been radically redefining how enterprise security risks are discovered. We outpace the cyber threats faced by our clients using a constant cyber attack methodology.

Computer Futures

Computer Futures

Computer Futures are a global specialist IT recruitment partner, matching candidates with roles across niche IT markets and core technologies.