China is emerging as a global cyber threat actor surpassing Iran
Global cyber warfare has been largely associated with two threat actors, Iran and China. However, over the years, China has surpassed Iran, emerging as the key global cyber threat actor.
Cyberwarfare campaigns have always been an influential weapon in China's strategy to overcome its adversaries. Cyberwarfare by China is the aggregate of all aggressive actions in cyberspace taken by Chinese actors, including associated advanced persistent threat (APT) groups, against other nations.
Xi Jinping (President of China) has repeatedly highlighted his intention for China to emerge as a 'cyber superpower'. Over the past two decades, China's capacity for cyber intelligence and offensive actions has gradually grown, and China presents new threats to the targets of its offensive activities in the Asia-Pacific region.
According to a report by Symantec's cybersecurity researchers, a Chinese state-sponsored group named 'Cicada', also known as APT 10, uses VLC Media Player on Windows PCs to launch malware attacks for spying on government, administrative departments, telecom, pharmaceutical, and NGO targets in other nations across the globe, including North America, Europe, and Asia.
Recently, on 6th April 2022, Chinese state-sponsored hackers targeted India's power grids in Ladakh, aiming to collect information on India's significant infrastructure or to prepare for disruption in the future. Expert analysis combined with large-scale automated network traffic analytics identified the hacking activity of the Chinese hackers. The protracted targeting of Indian power grid assets by Chinese state-linked groups presents limited economic espionage or traditional intelligence-gathering opportunities.
On 2nd April 2022, the Chinese hacking group Deep Panda came into the limelight for targeting VMware Horizon servers with the Log4Shell exploit to install a new rootkit, Fire Chili. 'Deep Panda', which had been inactive after attacking global entities, including India, is allegedly back in action. Researchers from Fortinet detected a campaign by this Chinese advanced persistent threat (APT) hacking group that targets government, defense, healthcare, telecom, and financial organizations for data theft and surveillance.
India is not alone; several nations, including the United Kingdom, the Netherlands, Ethiopia, and Italy, and businesses such as Vodafone and Microsoft have also been targeted by Chinese hacking groups.
A risk analysis report by the consultancy Capgemini revealed that in 2010, the KPN mobile phone network (the largest mobile phone network in the Netherlands) was targeted by Huawei Technologies (a Chinese multinational technology corporation). Huawei gained unlimited access to call records and customer data, including conversations held by government officials and ministers.
In January 2017, technicians at the AU (African Union) headquarters building in Addis Ababa, Ethiopia, identified a cyber-attack by a Chinese advanced persistent hacking group. It was discovered that a backdoor by China had allowed the transfer of data every night from computers in the building to servers in Shanghai for five years. China-based hackers had also been capturing security camera footage from inside the AU headquarters building.
In April 2019, Italy's Vodafone Telecom Network Group recognized vulnerabilities in the equipment Huawei had deployed for the carrier's Italian business. The vulnerabilities, which ran for years, provided Huawei unauthorized access to the carrier's fixed network in Italy.
In October 2020, the national telecom network of the United Kingdom was targeted by the Chinese technology corporation. The UK intelligence agency and Government Communications Headquarters identified a 'nationally significant' vulnerability in Huawei equipment. The vulnerability was so extreme that it was withdrawn from the company.
Given the instances above, we can say that, just like Iran, China also wants a superior cyber warfare arsenal. There are no two ways about the fact that China is a self-sustained superpower with considerable offensive cyber capabilities.