China’s foray into cyber warfare was in response to the US cyber might in the field, but while the US cyber warfare has always been the strategic one, China decided to go further to become an eminent cyber-threat plotter across the world, making state-sponsored hacking an integral function of the People’s Liberation Army (PLA).
According to the Center for Strategic and International Studies (CSIS), a think-tank based in Washington, 108 big cyber-attack incidents from 2006 to 2018 were linked to China. That makes China one of the biggest cyber offenders. Another report by the British Bankers’ Association (BBA) says 30% of the global cyber-attack incidents have their origin in China.
The FBI’s list of cyber’s most wanted has 18 Chinese cyber criminals. In 2014, the US indicted five Chinese hackers for hacking and economic espionage. And what was startling was the fact these hackers were PLA officers.
According to the Microsoft Digital Defence Report 2020, cyber-attacks by the nation-states are now more in line with their political maneuvers and most of the nation-state activity originates from China, Russia, North Korea and Iran. The nation-state actors from these countries have their geopolitical agendas and mostly target individuals and entities working with the external government that are involved in policy making.
According to the Centre for Internet Security (CIS), a New York based organisation working against cyber threats, nation-state actors are directly or indirectly involved with the state apparatus. They are either part of or funded or directed by the nation-states and used for political, military and economic espionage purposes.
As per a US Department of Homeland Security analysis, nation-state actors work to shift the balance towards their own countries to gain competitive advantage or diplomatic leeway, be it political or military. Such nation-states use cyber asymmetry to target countries with significant diplomatic and military power. Asymmetric cyber-attacks are a series of digital attacks to bring down large network systems, exploiting the victim’s vulnerable security network.
The US and India are among the most targeted countries by Chinese hackers. In June 2020, a report by the US-based cybersecurity firm FireEye said the US was the most targeted country since 2016, while India was at 6th position. South Korea, Germany and Japan are other most targeted countries.
China is using its state sponsored cyber-attacks mostly as ‘cyber psyops’ to target rivals’ defence, economic and military capabilities or as ‘cyber espionage’ to target military and corporate data servers for intelligence gathering or as ‘cyber terrorism’ to target a nation’s infrastructure and critical assets.
A recent investigation by a US based firm ‘Recorded Future’ says the power-grid failure in Mumbai in October could be linked to a Chinese state-sponsored cyber group, adding that the Chinese cyber attackers have got a ‘foothold’ in around a dozen critical nodes or building blocks across India’s power transmission infrastructure and ten different power sector organisations under the power-grid network are the main targets.
Here China used asymmetric cyber-attacks. The Mumbai power-grid lockdown by China’s state-sponsored hackers is a classic example of how China is constantly enhancing its cyber warfare capability by nation-state actors. The power-grid failure by Chinese nation-state actors was a mix of cyber-terrorism and cyber psyops activities and a counter-attack to India on its stand which has got the global diplomatic support in the border stand-off with China.
Research on coronavirus, Covid-19 and its vaccine is a good example to show how China is further plotting its cyber warfare agenda.
Two Chinese spies in the US have been charged to run a global hacking campaign to steal Covid-19 vaccine data. According to the US, they are part of a broader theft campaign targeting countries worldwide. Some countries and firms they have targeted are the US based vaccine firm Moderna, Serum Institute of India (SII) and Bharat Biotech in India and Japanese and Spanish research institutions working on Covid-19 vaccine.
China’s nation-state actors are believed to be behind these hacking efforts that target efforts by other countries on vaccine research. The motive is to seek political and economic gains.
Many major countries across the world believe China is a Covid conspirator and an advanced data on Covid-19 vaccine would help China in mitigating this feeling if it can offer ‘stolen’ Covid-19 vaccine to other countries under its diplomatic efforts.
The sympathy earned through it will also bring in major financial gains with China producing a vaccine testified on global health standards, either by selling it or exporting it.
And China is quite an expert in hacking other countries’ militaries and defence industries through its state sponsored or nation-state actors by cyber espionage and the prime example is how it hacked or still hacking into the US military and defence industry.
China used nation-state cyber hackers in trying to steal the fifth generation F-35 fighter aircraft data from the US Documents released by Edward Snowden, the former US National Security Agency contractor. It shows Chinese hackers did hack and steal some of the top secret data on the F-35 Lightning II joint strike fighter jet, the most advanced fighter jet in the world. Chinese used the hacked data in producing China’s most advanced fighter jets, the J-31, as well as the Chengdu J-20, fighter jet experts argue.
Way back, in 2013, Pentagon had also admitted about F-35 data theft and how it was helping the rival countries. Though in 2015, the US and China got into an agreement on cybertheft of intellectual property, defence analysts say the Chinese theft is still a problem. In October last year, the National Security Agency of the US warned that Chinese nation-state actors were targeting the US military and defence industries.
Add to it, China is advancing rapidly in the use of artificial intelligence technology and it would further enhance its state-sponsored hacking efforts.