China's Quest for Cyber Dominance: New Targets, New Tactics, and Information Warfare
August 27th, 2020
Subscribe to our blog and stay up to date
Since the turn of the 21st century, China has been one of the world’s most prominent economic actors. Chinese cities have developed rapidly and flourished as the glow of global trade and cutting-edge technology propelled the nation to a position of great economic power. But the Chinese government now angles for total supremacy of the global economy by growing its cyber prowess. Its dedication to becoming the world’s foremost cyber power has been evident in recent campaigns, as China brazenly plunders intellectual property, collects intelligence on human behavior, and targets new victims that threaten its rise to power.
China is evolving its tactics for a modern age in which data is the most valuable asset. Researchers have identified new targets and tactics in recent months, indicative of a Chinese cyber program that is more agile and aggressive than ever. China’s cyber arm is a dynamic force capable of attacking and disrupting its economic and military enemies, as well as weaker nations it seeks to control.
IntSights published a research report, The Dark Side of China: The Evolution of a Global Cyber Power, which breaks down the cyber threat landscape as it pertains to China. Read on for some of the highlights and key findings from the report:
China’s Vision for Consolidating Global Power
Since 2016, President Xi Jinping’s administration has defined its primary objectives as achieving an economic growth rate of 6.5 percent by 2020, innovation-driven development, and a shift to higher value-added manufacturing. As part of taking the next step toward becoming the world’s biggest economy and cyber force, it is likely that China’s next priorities will be to focus on autonomous development, reducing reliance on competitors like the United States, and solidifying partnerships in the resource-rich Middle East.
An immensely significant part of this strategy is dependent on the success of China’s cyber campaigns. Chinese state-sponsored threat actors have been attributed to hundreds of attacks in over 20 countries and countless industries around the world as the government seeks to disrupt adversaries and exert its influence over weaker nations.
New Targets = New Opportunities
Speaking of disrupting adversaries – in June 2020, Chinese and Indian soldiers engaged in the disputed border territory of the Galwan Valley. Indian police reported over 40,000 cyberattacks originating from Chengdu, China, in the five days following the skirmish – apparently an organized retaliation attempt by the Chinese government. The attacks included Denial of Service (DoS) attacks, phishing attempts, and malware attacks on India’s critical infrastructure.
Australia has also been no stranger to suffering at the hands of Chinese cyber warfare. Of the 16 occasions when Australian agencies or organizations were targeted in the past decade, around half of them included references to alleged Chinese actors. In June 2020, Australian government officials issued warnings to all industries and government entities of “sophisticated state-sponsored cyberattacks” that security experts have attributed to China. However, the Australian government has been reluctant to identify the attackers as originating in China, as they appear to fear even further cyber repercussions.
Anti-government protests in Hong Kong have escalated an already-tense situation, and the Chinese government has cracked down with a heavy hand. With the global attention on Hong Kong and Western nations showing support for protestors, the Chinese government saw an opportunity to target political dissidents via a malware campaign. Leaders in the Hong Kong independence movement were also identified and extradited to mainland China, where they were prosecuted by Chinese authorities.
Evolving Tactics: Surveillance, Espionage, and Information Warfare
The development of cutting-edge tools used to carry out cyberattacks has allowed China to remain at the forefront of surveillance, cyber espionage, and information warfare attacks on its rivals.
Surveillance of Citizens: China is the most advanced surveillance state in the world today. Its strategic objectives focus heavily on the research and development of surveillance and data collection technology, artificial intelligence (AI), and machine learning (ML), and it has been successful in both developing its own technologies and stealing technological secrets and patents-in-development from public and private organizations around the world. The state monitors its population for both negative and positive behavior. The objective is to identify dissenters in real time. Citizens have “social credit scores” that are used to elevate or stigmatize the individual and use social pressure to encourage conformity.
Cyber Espionage: The Chinese government sponsors and orders the use of counterintelligence and offensive cyber operations to infiltrate adversary networks, monitor user behavior, and steal valuable data. Well-known Chinese cyber military units, identified by cybersecurity firms as advanced persistent threats (APTs), conduct these operations. Traditionally, these hacking groups are assigned specific targets, industry verticals, and data to exfiltrate. Foreign targets of Chinese espionage include over 29 countries and countless private industries.
Information Warfare: Chinese influence operations are conducted by the United Front Work Department (UFWD), a network of academic, business, and cultural institutions located domestically and abroad. China will go to great lengths to protect its global reputation and appear functional and efficient to its own citizens. The government has already invested billions of dollars in protecting its reputation on the global stage to paint a picture of a responsible, mild-mannered global rise to power. IntSights published a report last year called PSYOPS: How States Weaponize Social Media to Disrupt Global Politics that breaks down the concept of information warfare and disinformation campaigns, specifically referencing China’s attempts to mold global perception of its government and culture.
As China continues to place emphasis on its increasingly powerful cyber program, the future of global internet use could drastically change in the coming years. The Chinese government has made it clear that its priority is to firmly entrench itself as the world’s strongest – and most technologically advanced – economic power. To gain a comprehensive understanding of the Chinese cyber threat landscape and how global business could be impacted by its growing international influence, read our full report.
Kevin Diffily is a Product Marketing Manager at IntSights. He strives to provide security teams with the knowledge and tools they need to enable proactive defense against emerging cyberattacks. Kevin has a background in journalism, brand development, content marketing, and social media management. He received his B.A. in Communication from Curry College and his M.A. in Integrated Marketing Communication from Emerson College. He is a staunch proponent of gratuitous Oxford comma use.
Stay up to Date!
Subscribe to the blog to stay up to date with all the latest industry news and updates from IntSights.