The 2023 Global Threat Report by leading cybersecurity firm Crowdstrike reveals that China-linked cyber-espionage groups are targeting 39 industries on nearly every continent.
According to the research, the majority of the hacking targets China’s Asian neighbors, with about 25 percent of their efforts directed at North America. The investigation discovered that as cybersecurity has advanced, so too have the methods China utilizes.
The targeted sectors in North America span a broad range, from defense, government, and aerospace to pharmaceuticals, telecommunications, and manufacturing.
“They’re endemic at this point—they’re everywhere,” said Adam Meyers, Crowdstrike’s head of intelligence.
The intrusions were likely intended to collect strategic intelligence, compromise intellectual property, and further the surveillance of targeted groups—all of which are key Chinese Communist Party (CCP) intelligence goals, the report stated.
According to U.S. officials, the intelligence-gathering activities of the United States only target the networks of its geopolitical adversaries. China, however, also hacks private corporations in order to steal intellectual property.
While such claims have been dismissed by the CCP in the past, they have been affirmed by a top American intelligence official, who said, “Hacking remains the chief Chinese espionage activity.”
Upgraded Tactics
According to Meyers, Chinese hackers have upgraded their techniques significantly. In the past, “smash and grab” operations dominated, but now sophisticated attempts to obtain credentials and enter networks covertly are common.
According to the data, more than two-thirds of intrusions Crowdstrike recorded in 2022 were “malware free,” meaning attackers gained access to networks using valid credentials, such as passwords. Typically, such information is obtained by convincing people to open emails or to click on links that include password-stealing URLs.
The agencies pointed out that the hackers allegedly utilize open-source tools—such as Routersploit and RouterScan—as well as known software flaws in networking devices, such as routers.
“These devices are often overlooked by cyber defenders, who struggle to maintain and keep pace with routine software patching of Internet-facing services and endpoint devices,” according to the agencies.
FBI Warnings
Just last month, a senior FBI officer called on U.S. officials to be on their guard ahead of the next election. The statement came from Cynthia Kaiser, deputy assistant director of the FBI’s cyber division. Kaiser said Chinese hackers pose a growing threat, and that American officials could see more Chinese cyber activity against their states as foreign actors search for political intelligence. She noted that Chinese hackers had scanned the computer infrastructure of both Republicans and Democrats, searching for vulnerabilities. It’s unclear if any data was compromised.
Chinese hackers have been waging cyberattacks against the United States for over a decade. The information they have extracted includes personal files on over 4 million U.S. government employees, background information on over 20 million Americans and, most recently, at least $20 million of COVID-19 relief money.
Responding to Kaiser’s remark, the Chinese embassy in Washington said the Chinese regime does not encourage cyber attacks.
The scale and scope of China-nexus targeted intrusion activity is unlikely to contract in 2023, as cyber espionage remains a critical instrument to support the CCP’s strategic and economic ambitions, according to the Crowdstrike report.