Arrest of Chinese national in the US exposes rising threat from Beijing’s cyber-attack empire

Cyber-attacks linked to China-sponsored actors or the country's state-run intelligence agencies have been increasing rapidly.


Countries like the United States and India as well as some European nations are reporting Beijing-backed cyber-attacks on an almost regular basis, calling the country a “threat for global cyberspace and cyber security”.


In addition to the list of China-sponsored cyber-attacks, authorities in the United States recently arrested a Chinese national for allegedly operating a botnet of 19 million infected IP addresses in nearly 200 countries, amassing at least $99 million by leasing his network to criminals for cybercrimes, including Covid-19 pandemic relief scams.


The Epoch Times reported, citing the US Department of Justice (DoJ), that the arrested person, identified as Wang Yunhe, 35, offered customers the use of his network of compromised IP addresses for a fee from 2014 until July 2022.


According to a statement issued by the DoJ on May 29, the service, named “911 S5,” allowed cybercriminals to conceal their digital footprint when engaging in nefarious online activities, including financial crimes, stalking, transmitting bomb threats and threats of harm, illegal exportation of goods, and receiving and sending child exploitation materials.


The publication reported, quoting the federal indictment, that criminals were also alleged to have used the botnet service to bypass financial fraud detection systems in the US and elsewhere, and to steal billions of dollars from financial institutions, credit card issuers, and federal lending programs.


As per reports, about 560,529 fraudulent claims came from “IP addresses exploited and trafficked” by the arrested Chinese national’s botnet, leading to more than $5.9 billion in losses.


The US Department of Justice stated, quoting FBI Director Christopher Wray, that the network run by the Chinese national was “likely the world’s largest botnet ever”.


The United States is not the only target of China’s cyber-attacks, as the country allegedly uses cyber-attacks below the threshold of war to coerce its rivals, including its hostile neighbour, India.


According to US-headquartered management consulting services company Booz Allen Hamilton, China’s cyberattacks can affect government agencies, global corporations, and small businesses — either directly or via cascading risks.


Amid rising accusations against China of cyber espionage, particularly in light of its alleged support for cybercriminals, which affects regional stability, Indian intelligence agencies estimated that over 5,000 people may have been coerced into cybercrime by Chinese actors, according to a recent report by India Today.


The United States Cybersecurity and Infrastructure Security Agency (CISA) has pointed out China’s global hacking operations targeting critical sectors such as health, telecom and enterprise software, often involving theft of intellectual property and confidential information.


India’s National Cyber Crime Reporting Portal has registered about 7,000 complaints daily since January this year—85 percent of them related to online financial fraud, while nearly half of these frauds are linked to agents operating from Southeast Asia, which is an alarming development.


Chinese syndicates, which are searching for new opportunities and customers, are increasingly involved in cybercrimes in neighbouring countries, including in India, while a notable surge in such activities was found in Myanmar, Cambodia, the Philippines, Malaysia, Singapore and Thailand, India Today reports, citing Indian intelligence agencies.


These Beijing-backed syndicates are engaged in a range of illicit activities, including theft of personal information, cross-border gambling, e-commerce scams, romance scams and advanced persistent threats (APTs), and with their operations spanning multiple nations, these groups pose a significant cybersecurity threat to the region, reported India Today, quoting its sources in the Indian intelligence agencies.


Earlier in March, the governments of the UK and the US accused hacking group Advanced Persistent Threat 31 (APT 31), backed by the Chinese government spy agency, of conducting a year-long cyber-attack campaign, targeting politicians, national security officials, journalists and businesses, reports The Guardian.


The hackers had potentially gained access to information on tens of millions of UK voters held by the Electoral Commission, and were also behind cyber-espionage targeting lawmakers who have been outspoken about threats from China, The Guardian reported, quoting the authorities.


Recently, in March, an indictment was unsealed charging seven Chinese nationals with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a China-based hacking group that spent approximately 14 years targeting US and foreign critics, businesses, and political officials in furtherance of Beijing’s economic espionage and foreign intelligence objectives.









