The recent cyber-attack by China’s state-sponsored cyber group ‘Volt Typhoon’, which breached US military bases in Guam, has again brought into spotlight the state sponsored hacking indulged by Chinese hackers to undertake cyber espionage. This includes economic and industrial espionage, coercion, disruption in critical-infrastructure and seizing of personal information.
Facing increased accusations of forcing foreign companies to hand over technical information under joint venture agreements in exchange for access to its market, Beijing has now substantially increased its cyber espionage to gain technological knowhow to power its research & development efforts as it looks to promote innovation to power its economy. Chinese cyber espionage targets also include technology related to semiconductors, aerospace, pharmaceuticals, maritime, healthcare and nanotechnology.
Given the geo-political situation after the Russia – Ukraine war, which has dried supply chains of essential technology to China like semiconductors, Beijing is desperate to speed up development of its domestic supply chains and industries to dominate key global industries. As part of its cyber war, Chinese state backed hackers also have infiltrated local global networks to disrupt military and government critical infrastructure, including oil and gas pipelines and rail systems.
According to Microsoft, Chinese state-sponsored hacking group ‘Volt Typhoon’ has been actively targeting critical infrastructure organizations in the US over the last 2 years to develop software that can disrupt critical communications infrastructure between the US and Asia during future crises.
Chinese hackers have not only targeted western institutions but also countries across Africa and Asia, including India, Indonesia, Malaysia, Saudi Arabia, South Africa and Kenya to gain information concerning China’s economic and strategic interests. Recently Chinese hackers targeted key Kenyan ministries and state institutions to gain information regarding its repayment strategy of Chinese debt.
Chinese hackers have also targeted Taiwan, Vietnam, Thailand, Indonesia, Mongolia, Papua New Guinea, Ghana, Zimbabwe, and Nigeria using malware developed by Chinese government hackers. The attack on Indian premier public health service institution AIIMS’s servers in Delhi and the blackout in Mumbai in 2020 was also apparently a case of cyber-attack by China. China has been accused of using cyber coercion against Taiwan to force it to stop pro- independence activities.
Earlier, during the Covid pandemic, the focus of Chinese hackers was on information related to vaccine development. According to data from CrowdStrike,
about 67% of global cyber-attacks between mid-2020 and mid-2021 were from Chinese state-sponsored hackers. Chinese hacking group ‘APT 10’ had reportedly targeted the IT systems of Indian vaccine manufacturer Bharat Biotech and the Serum Institute of India (Sll), which were developing corona vaccine.
Facing accusations over its human rights abuses in Xinjiang, Tibet and over other ethnic and religious minority groups in China, Chinese state sponsored hacking groups like RedAlpha have also been targeting human rights groups to gather intelligence for the Chinese Communist Party. These include International Federation for Human Rights (FIDH), Amnesty International, Mercator Institute for China Studies (MERICS), Radio Free Asia (RFA), the American Institute in Taiwan (AIT), etc.
According to Journal of Strategic Security, China might have the most aggressive and extensive cyber warfare capability in the world, driven by its desire for a global power status. China is apparently the most active cyber espionage threat to global governance and networks and would do whatever it takes to advance its economic interests. Surprisingly, according to Google, state-sponsored hackers from China have developed techniques that evade common cyber security tools.
A Boston-based cyber security firm, Cybereason, has estimated that Chinese state backed hacker, APT 41, has siphoned off estimated trillions in dollars of intellectual property theft from 30 multinational companies in manufacturing, energy and pharmaceutical sectors in North America, Europe, and Asia.