China flatly denies accusations of cyber warfare, and has, instead, accused the United States of engaging in cyber warfare against it. However, China has consistently engaged in offensive cyber operations, and as the scope of the country’s economic and political ambitions expanded, so has its cyber footprint. The number of China-sponsored and aligned hacking teams are growing, as they develop and deploy offensive cyber capabilities to serve the state’s interests — from economic to national security.
Chinese non-state actors are very involved in Chinese cyber operations. A wide variety of non-state entities, such as contractors and technology conglomerates (Alibaba, Huawei, etc.), have worked in tandem with the CCP on a variety of research, development, and execution of cyber operations.
Over the years, PLA unit officers have been indicted in the US on charges of theft of confidential business information from U.S. commercial firms and planting malware on their computers.
Chinese state-sponsored cyber actors aggressively target U.S. and Allied political, economic, military, educational, and critical infrastructure (CI) personnel and organizations to steal sensitive data, emerging and key technology, intellectual property, and personally identifiable information (PII), including political targets and now have the ability to influence elections. In March 2021, United States intelligence community released analysis in finding that China had considered interfering with the election but decided against it on concerns it would fail or backfire.
While cyber espionage for national security concerns is a common action conducted by most countries, cyber espionage for economic benefit is an accusation continually made against the Chinese government and military.
China is focussed towards developing the domestic technology industry and its capabilities, to counter the “eight King Kongs” (Apple, Cisco, Google, IBM, Intel, Microsoft, Oracle, and Qualcomm).
The scale of China’s cyber operations dwarfs those of other countries in the region—the complexity and sheer range of targeting, and the number of domestic technology companies whose increasingly global reach may be utilized for intelligence gain and influence.
Beijing has nurtured a tech industry and environment that actively support the party-state’s aims to bolster government surveillance and cyber capabilities. From large firms to startups, many companies work with the state to conduct vulnerability research, develop threat detection capabilities, and produce security and intelligence products.
In India, most major attacks on Indian government networks, such as the National Security Council, have originated from China. Chinese hackers are experts in operating botnets. Multiple instances of Chinese cyber attacks against India’s cyberspace have been reported including ransomware attack on the servers of All India Institute of Medical Sciences in…
India needs a a culture of cyber security investment and strategy. At the very least, we need to ensure security personnel monitor key internal security capabilities and can identify anomalous behaviour. Any known Chinese state-sponsored indicators of compromise and tactics, techniques, and procedures must be identified for immediate response.