The rise of Chinese state-sponsored cyber-attacks feeds growing US national security concerns

The global cyber security landscape has seen increasing threats over the last few years. The COVID pandemic, Russia’s invasion of Ukraine, and heightened US-China tensions over Taiwan have all provided fertile ground for cyberattacks against businesses and individuals. Notably, the lines are increasingly blurring between organized cybercrime groups ­– such as Russia’s Conti and FIN7 gangs and the relatively new Lapsus$, which rose to “fame” having compromised data at organizations such as Microsoft, Samsung and Nvidia – and state-sponsored actors. 

For example, since the start of the war, Russian-based phishing attacks against email addresses of European and US-based businesses have increased 8-fold1. However, 

Chinese state-sponsored cyber-attacks pose the fastest-growing threat to US national security. For some time, China has been developing and deploying cyber-attack capabilities to advance its own national interests. And, because of the nature of cyber-attacks, it is difficult to fully discern the number of attacks for which China could be responsible. 

One of the main advantages that China holds over the US, is that the Chinese Communist Party refuses to play by the same rules. In its annual report on China released on 15 November 2022, the congressionally mandated US-China Economic and Security Commission stated, “China enjoys an asymmetric advantage over the US in cyberspace due to the [Chinese Communist Party’s] unwillingness to play by the same rules...China’s cyber operations pose a serious threat to the US government, business, and critical infrastructure networks in the new and highly competitive cyber domain.” 

The US is duly concerned. According to FBI Director Christopher Wray, China has the world’s largest hacking program and is responsible for stealing more personal and business data from Americans and American businesses than every other nation combined. It also has concerns over the mobile phone app TikTok and its China-based parent company, ByteDance.

The US has already banned approvals of new equipment from China’s Huawei Technologies, ZTE, Dahua Technology (surveillance equipment), Hangzhou Hikvision Digital Technology, and Hytera Communications. 

Multiple ethical hackers in Europe have shown how easy it is to hack into the controls – and data – of semi-autonomous vehicles. Clearly, both countries feel the same sense of paranoia about each other’s technology and its misuse for data collection and theft.

As a result, the US-China Economic and Security Commission has recommended to Congress that the Biden administration must report on Beijing’s compliance with a 1999 agreement to provide more market access for US goods and services. If China is found not in compliance, the Commission recommended that the US should revoke China’s Permanent Normal Trade Relations status. 

This story is just one insight from Pamir’s most recent China Update bulletin, which contains more on China’s growing cyber threat, the outlook for US-China relations through 2023, and what China’s shift from “Li-conomics” to “Xi-conomics” means for both the national and global economy, and more. 

Our customers benefit from the regular release of essential bulletins providing deep insight into issues such as geopolitical risk and competitive strategies in foreign markets. Our risk advisory and research analysis services support more than 50 Fortune 500 companies, across a spectrum of industries. 

If you would like to gain the same benefits, contact us now to find out more about our risk analysis and advisory services.

Conversely, last year the Chinese military banned owners of all Tesla cars from parking them in or near military bases and housing complexes. Chinese officials also banned all Tesla cars from a resort town popular with party members, Beidaihe, for two months over concerns that the number of cameras on Tesla vehicles and the amount of data they can collect from their surroundings could be used for espionage.

1 https://aag-it.com/the-latest-cyber-crime-statistics/