Preparing For A South China Sea Cyber Storm

Uploaded on 2024-07-04 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, GOVERNMENT-Defence, FREE TO VIEW

As tensions between China and the US heat up, strategic moves are gaining traction that will inevitably have repercussions on the Western world for generations.

However, the world must be aware that as the geopolitical landscape continues to fracture, cyberspace will almost certainly act as a second front for nation states to achieve their agendas, potentially impacting global businesses across the industry spectrum.

The perceived threat posed by Beijing is manifested by the territorial disputes between China with both Japan and the Philippines respectively, with the former regarding the Senkaku Islands in the East China Sea and the latter pertaining to Second Thomas Shoal, located close to the coast of the Philippine Island of Palawan. Taiwan also plays a critical role with China bent on reunification with the island.

However, Beijing cannot realistically invade Taiwan without encountering the Philippines or Japanese bases. Why?

Primarily because there is a proximity of less than a few hundred miles of water separating Philippine and Japanese territory from Taiwan. Further, both the Philippines President Ferdinand Marcos Jr and the Japanese Prime Minister Fumio Kishida have publicly stated that peace in Taiwan is essential to their respective national security postures.

Has China United A Tri-Lateral Faction? 

US President Joe Biden and his counterparts, Kishida and Marcos Jr., held the first-ever U.S.-Japan-Philippines trilateral summit on April 11th, highlighting the importance of the US Indo-Pacific Strategy, with the leaders pledging to pursue a free and open Indo-Pacific “for decades to come.”

A recently formed trilateral US-Japan-Philippines relationship is not the only faction threatening Chinese interests these days as the US, Japan and South Korea have also enhanced their defense cooperation; whilst Tokyo is strengthening security ties with the Southeast Asian thorn in the side of Beijing, that is Vietnam. 

An Artificial Chinese Response? 

The current Biden administration will likely view this new partnership as a method of withstanding potential leadership changes in the upcoming US Presidential Election in November. However, we have assessed that this will likely face serious challenges from cyber actors across the Far East.  

Beijing’s increasing interest in the Taiwan Strait will likely result in surging Chinese state cyber actor operations throughout the period leading up the November 5th US Presidential Election as a potential conflict in the region could be influenced by Washington’s desires to preserve stability in the area.

We have assessed that aggressive social media disinformation operations will likely target US businesses and government officials to shape the global information domain in favor of Chinese interests.

These nation state-level offensive protocols will likely impact the technology sector with China demonstrating increasing levels of sophistication including the incorporation of generative artificial intelligence (GenAI) technologies, that would allow for scaled campaigns, resulting in social tensions and the erosion of confidence in US-based establishments. 

Impacted Western Sectors 

As China inches closer to its intelligence gathering objectives, its state actors have pivoted to a more destructive posture by launching cyber-attacks, including a recent Volt Typhoon operation, against US-based critical national infrastructure and military assets in what we have assessed to likely be a pre-positioned attack against Western infrastructure as a precursor for any potential military conflicts with Washington and to disrupt communications between the US and its allies within East Asia, including Taiwan and Japan. This could potentially deter US military engagements by delaying US decision making, inducing societal panic, and interfering with the deployment of US forces.

We have assessed that these offensive efforts will likely spill over into the education, energy, finance, government, and healthcare, as well as the aerospace and defense verticals. 

Defense Strategies 

Based on the attack chain that we have detected to have been incorporated by Chinese sponsored cyber forces, the Quorum Cyber Threat Intelligence team strongly recommends that organizations implement the following defensive measures to strengthen operational resilience: 

Initial Assessment 

  •  Assess the organization’s current security posture and implement Cybersecurity Performance Goals (CPGs) to bolster resilience.  
  • Establish a baseline normal host behavior and user activity to detect anomalous activity on endpoints when reviewing logs. 

Mitigate Risk 

  • Prioritize logging (e.g., command-line interface “CLI”) and close and/or monitor high-risk ports (e.g., Remote Desktop Protocol, Server Message Block).
  • Establish the principle of least privilege by isolating privileged administrator actions and locations to a manageable subset of locations, where effective baselines can be established.

 
Craig Watt is a Threat Intelligence Consultant at Quorum Cyber  

Image: Ideogram

You Might Also Read: 

Cyber Aftermath From The Airstrike On Syria’s Iranian Consulate:  

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Rising AI Security Threats To Small Businesses
Taiwan Targeted In Espionage Campaign »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CIO

CIO

CIO provides technology and business leaders with insight and analysis on information technology trends

Security Weekly

Security Weekly

Security Weekly provides free content within the subject areas of IT security news, vulnerabilities, hacking, and research.

Axial

Axial

Axial Systems is one of the UK’s leading solution providers and systems integrators in network, security and services.

British Assessment Bureau

British Assessment Bureau

The British Assessment Bureau is an ISO certification body. We check conformity and compliance of companies to recognised ISO standards including ISO 27001.

Cyber Akademie (CAk)

Cyber Akademie (CAk)

Cyber Akademie is a training and education center providing high-quality training and information events on information security and data protection.

TechVets

TechVets

TechVets is a non-for-profit helping UK veterans and service leavers retrain into Cyber Security and Technology jobs.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

Council for Information & Communication Technologies (CTIC)

Council for Information & Communication Technologies (CTIC)

CTIC was set up to address specific issues in the field of ICT relevant to the implementation of electronic government.

Haventec

Haventec

Haventec’s internationally patented technologies reduce cyber risk and enable pervasive trust services with a decentralised approach to authentication.

Base Cyber Security

Base Cyber Security

Base Cyber Security is an information and cyber security talent service provider and career specialist.

Association of anti Virus Asia Researchers (AVAR)

Association of anti Virus Asia Researchers (AVAR)

AVAR's mission is to prevent the spread of and damage caused by malicious software, and to develop cooperative relationships among anti-malware experts in Asia.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.

Quod Orbis

Quod Orbis

Quod Orbis are a fast-growing, innovative company providing market-leading expertise in cyber security and Continuous Controls Monitoring (CCM).

Onwardly

Onwardly

For everyday folks tasked with implementing security and privacy. Do it faster with Onwardly - build, launch and scale your cyber resilience program in 30 minutes per week.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

ReachOut Technology

ReachOut Technology

ReachOut is a transformative approach to IT Security, Support, and Guidance. But we’re more than that. We’re passionate IT experts driven to make solutions to your problems.