Under China’s authoritarian leader, Xi Jinping, Beijing has refined its approach to cyberspying, transforming over the past decade into a far more sophisticated actor. China’s premier spy agency, borrowing a page from Russia, has recruited beyond its ranks, pulling from the growing pool of tech workers. The strategy has made its attacks more scattershot and unpredictable, but analysts say it also helped strengthen efforts to run stealthy attacks that target intellectual property as well as political and military intelligence around the world.
Mr. Xi has made China’s scientific and technical capabilities a priority in the coming years, with ambitions of becoming a global leader in high-tech fields such as robotics, medical equipment and aviation. The campaign targeting Russian defense research institutes “may serve as evidence of the use of espionage in a systematic and long-term effort to achieve Chinese strategic objectives in technological superiority and military power,” Check Point’s report said.
More recently, hackers based in China, like their counterparts elsewhere, have taken advantage of the war in Ukraine to break into computer systems of organizations across Europe. Hackers have preyed upon heightened anxiety about the invasion, tricking their victims into downloading documents that falsely claim to contain information about the war or pose as aid organizations raising money for charity.
Many of the attacks originating from China appear to be focusing on gathering information and intellectual property, rather than causing chaos or disruption that could sway the conflict in favor of Ukraine or Russia, security analysts said.
In late March, Chinese hackers went after Ukrainian organizations, according to security researchers and an announcement from Ukraine’s cybersecurity agency. A hacking team known as Scarab sent a document to Ukrainian organizations that offered instructions on how to film Russian war crimes but also contained malware that could extract information from infected computer systems, researchers at the security firm SentinelOne said.
Also in March, another hacking team affiliated with China, which security analysts have called Mustang Panda, created documents that purported to be European Union reports on conditions at the borders of Ukraine and Belarus, and emailed them to potential targets in Europe. But the documents contained malware, and victims who were tricked into opening them inadvertently allowed hackers to infiltrate their networks, researchers at Google and the security firm Cisco Talos said.
The Mustang Panda hacking group had recently attacked organizations in India, Taiwan and Myanmar, but when the war started, it turned its focus to the European Union and Russia. In March, the hackers also pursued agencies in Russia, emailing them a document that appeared to contain information about the placement of border guards in Russia, Cisco Talos researchers said.