China is widely considered to be one of the most malicious and active state cyber actors involved in spying, hacking for espionage, and gathering data. Western world considers the country to be the biggest cyber threat, ahead of Russia, Iran, and North Korea. A new report by Boston-based cybersecurity firm, Cybereason has unearthed a malicious campaign — dubbed OperationCuckooBees- exfiltrating hundreds of gigabytes of intellectual property and sensitive data, including blueprints, diagrams, formulas, and manufacturing-related proprietary data from multiple intrusions, spanning technology and manufacturing companies in North America, Europe, and Asia. While a yearslong malicious cyber operation spearheaded by the notorious Chinese state actor, APT 41, has siphoned off an estimated trillions in intellectual property theft from approximately 30 multinational companies within the manufacturing, energy, and pharmaceutical sectors.
According to FBI Director Christopher Wray China is the world’s largest malicious cyber actor and its affiliated hackers have stolen more data from Americans than every other nation combined. Wray said that China’s Communist regime is engaged in a massive campaign to “lie, cheat, and steal their way into global domination of technology sectors,” during a wide-ranging cybersecurity talk at Boston College on June 1. “The Chinese government is methodical, hacking in support of long-term economic goals,” he said.
“They have got a bigger hacking program than all other major nations combined. They have stolen more American personal and corporate data than all nations combined. And they are showing no sign of tempering their ambition and aggression.”
Wray singled out the Chinese Communist Party’s (CCP) use of coercive laws to effectively force technology transfer from US businesses operating in China to the state. In an apparent reference to China’s national intelligence laws, which allow the regime to demand the data of any company in the name of security, he said that many US companies simply accept that they will be spied on.
Wray also described how the CCP uses state-mandated tax systems in China to covertly spy on companies on the mainland. He said that Chinese laws require businesses to make use of a small suite of software options for tax purposes, at least one of which was used by the CCP to implant malware into companies’ systems to allow covert government access to the company’s data.
Aside from direct government intervention, Wray said that China, along with Iran and Russia, is hiring hackers as if they were cyber mercenaries, and providing them with state resources to conduct attacks on the United States on China’s behalf. Such actors, he said, frequently target the defense and industrial sectors to cause havoc, deny access, or steal secrets.
The comments built upon Wray’s previous remarks, such as when he said in April that China is the largest cyber security threat to the United States and warned that the regime is targeting every part of the US economy. “The biggest threat we face as a country from a counterintelligence perspective is from the People’s Republic of China and especially the Chinese Communist Party,” Wray said during an interview on April 24.
The director also said the FBI opened a new China counterintelligence investigation “about every 12 hours,” that there are currently more than 2,000 such investigations, and that all 56 US-based FBI field offices are engaged in the effort.
As such, the FBI currently maintains a series of web pages dedicated to the “China Threat,” which states that “the counterintelligence and economic espionage efforts emanating from the government of China and the Chinese Communist Party are a grave threat to the economic well-being and democratic values of the United States.”
Chinese hackers have targeted the power sector in India in recent months as part of an apparent cyber-espionage campaign, the threat intelligence firm Recorded Future Inc. said in a report published in April. The hackers focused on at least seven “load dispatch” centres in northern India that are responsible for carrying out real-time operations for grid control and electricity dispersal in the areas they are located, near the disputed India-China border in Ladakh, the report said.
Author
