Targets of major Chinese cyberattacks in 2015 could hint at what industries will be hit this year, according to a new report from cybersecurity company CrowdStrike.
Personal records of more than 22 million U.S. federal employees were stolen from the Office of Personnel Management, in a cyberattack announced in June 2015. It followed another attack on the Anthem health insurance company, where hackers stole close to 80 million records.
Hints at the new direction can be found in the Chinese Communist Party’s 13th Five-Year-Plan, which was released in November 2015 and should be finalized early this year.
“These plans typically provide a roadmap for what China will target using cyber means,” the report stated.
The Chinese regime is trying to push out foreign technology, in favor of domestic technology, and is also trying to build a middle class.
“The combination of China becoming increasingly distrustful of Western information technology and a desire to promote its own sectors of industrial manufacturing and retail may lead to a gradual tapering off of targeting against these sectors,” the report stated.
It said Chinese hackers may instead focus on areas including agriculture, health care, and alternative energy, which, “China deems crucial to promoting the wellbeing of its growing middle class, and where it has the most technological gaps.”
These would add to the list of industries the Chinese regime has already identified for theft. Under Project 863, Chinese hackers and spies target nine industries including biotechnology, information technology, automation, and telecommunications.
The U.S. Office of the National Counterintelligence Executive said in a 2011 report that Project 863 “provides funding and guidance for efforts to clandestinely acquire U.S. technology and sensitive economic information.”
The Chinese hackers may start broadening their nets as well. Instead of just going after intellectual property, the CrowdStrike report states they may go after basic know-how “such as building native supply chains and administrative expertise.”
I’ve reported previously that the Chinese were already going after this type of information. They’re looking at everything from how companies are managed, to how they market their products.
It may now be even more so, however, since the Chinese regime is making a serious effort to push out foreign firms and take the place they once occupied.
The report stated we may also see some changes—at least in the short term—in how the Chinese hackers operate, since the Chinese regime is undergoing a structural shift, set to be completed by 2020.
Hackers in the Chinese military may see their new positions sooner. The report stated, “Cyber will likely be a priority due to China’s emphasis on winning informatized wars, meaning that the shift may be observed soonest in that arena.”
In the meantime, it said, some of the Chinese cyberattacks may be carried out by its civilian intelligence agencies and associated contractors—such as the Ministry of Public Security.