PRC becoming more aggressive in the midst of deteriorating international relations

China has taken off the gloves and become increasingly aggressive in its cyber-attacks, a report has claimed.

Threat intel agency intSights warns that a cooling of relations between the West and the People's Republic of China has seen the nation step up its foreign surveillance and cyber espionage tactics.

China’s cyber campaigns have become focused on stealing intellectual property, trade secrets, and technological advancements in artificial intelligence and related subjects in order to gain an unfair market advantage for domestic corporations, says intSights.

The plundering of machine learning technology might also find military applications applied to further the surveillance of its own citizens.

New and aggressively deployed malware strains including GoldenSpy, Mgbot malware, and Taidoor have been a feature of these campaigns.

Border skirmishes

Much of China’s malfeasance is tied to geopolitical tensions. For example, last June after conflict erupted between troops in the disputed border territory between China and India, a wave of cyber-attacks were launched.

During the five-day period following the border clash, the Indian police reported over 40,000 cyber-attacks originating from Chengdu, China – a four-fold increase in the normal attack volume.

Assaults included Denial of Service (DoS) attacks, phishing attempts, and malware attacks on India’s critical infrastructure. Cryptominers and Remote Access Tool (RAT) malware were deployed as part of these attacks.

Strained relations between Australia and China have also resulted in a surge of attacks.


RELATED Cat and mouse: Privacy advocates fight back after China tightens surveillance controls


Digital suppression of foreign and domestic cultural, political, and religious views that counter the Chinese Communist Party's narrative remains a key priority. The minority Uighur Muslim population in the country has been one of the Chinese state's prime targets.

“In late 2019, hackers working for the Chinese government hacked into telecommunication providers in Turkey, Kazakhstan, India, Thailand, and Malaysia as part of a large-scale espionage campaign to track minority groups and VIPs traveling between Central and Southeast Asia,” intSights reports.

Propaganda

The Chinese government has long operated influence campaigns on social media.

In the initial stage of the Covid-19 pandemic, Chinese state messaging sought to quell rumors that the Chinese government had created the virus in a lab. Campaigns sought to downplay the numbers of positive tests alongside attempts to encourage Chinese citizens to quarantine inside their homes.

In recent months, China has gone on the offensive by promoting the conspiracy theory that coronavirus was created in a US state-operated lab.


Read more of the latest cyber-attack news


“Chinese diplomats and embassies flocked to Twitter, which is banned within China, to amplify conspiracy theories about the virus’s origin,” intSights reports.

“One Chinese Foreign Ministry spokesman tweeted to 300,000 followers that Covid-19 originated in the United States and included a link to a pro-Kremlin (Russian) media outlet.”

intSights views this incident as an example of a wider alignment between Chinese and Russian state interests to spread propaganda.

“It is becoming increasingly clear that China and Russia have a similar narrative to spread and are working together to amplify each other’s messages in a coordinated manner,” intSights warns.

“The goal is simple: break down trust in democracies, disrupt election cycles or manipulate democratic election results, and gain economic advantage over adversaries to advance global position and power.”

Election 2020

Etay Maor, CSO at IntSights, told The Daily Swig that interference by both China and Russia is likely to persist into the US presidential elections, adding that it’s possible each might pick different sides in the hotly contested race.

“Both Russia and China use cybersecurity capabilities to execute their political agenda,” Maor said. “PSYOPS is nothing new to them and cybersecurity comes in handy as a tool for that. Because of this, there is little doubt that both countries [won't] stay out of trying to affect the November election (and for that matter, other elections in countries of interest).”

Maor concluded: “Some analysts are saying that China and Russia do not see eye to eye when it comes to which party to support but there is no doubt that they will use disinformation, misinformation, and other techniques to push their agenda and try and see their preferred nominee get elected.”


READ MORE How do you solve a problem like election security? Matt Blaze tackles the age-old question at Black Hat 2020