China: A CCP-Driven Global Threat Actor

The newly released IntSights analytics report, “The Dark Side of China: The Evolution of a Global Cyber Power,” makes the case that the country is a force to be reckoned with. The piece emphasizes the role played by the Chinese Communist Party (CCP) in unleashing the restrictions within China to “take what it needs.”

The conclusion is consistent with the analysis by Huang Xianghuai of the CCP Central Committee Party School in his essay, “Emphasizing and Strengthening the Party’s Ideological Work.” In his report, translated and released in August by the Center for Strategic International Studies, he bluntly details how the external messaging and the internal messaging of the CCP are at odds with each other. The former calls for peace and harmony, while the latter colors the relationship with the outside world in dark tones.

Huang noted during the CCP’s 19th National Congress in 2017, General Secretary Xi Jinping declared, “The significance of scientific socialism’s success in China is very important for Marxism, scientific socialism and world socialism. … Ideology determines the direction and development path of cultural progress.”

China’s appetite for taking what it needs is sufficiently evident with the series of arrests, indictments and research reports that highlight the theft of intellectual property from the west. For example, the telecom company NORTEL—an article in Canada’s Global News describes the years of fleecing the company by China’s military and the concomitant ascension of Huawei as a global telecommunication company.

It is in this vein that the IntSight report offers evidence that China’s been feeding on the investments of others and highlights China’s efforts to own the cyber battlefield with discussion on four distinct target sets: India, Australia, Hong Kong and cultural and religious organizations.

  • India – India and China have had a disputed boundary for more than 50 years. In June the dispute went from a passive-aggressive environment to one more reminiscent of 1962. China and India’s dispute went hot and 20 Indian soldiers were killed. The report highlights during the five-day period of heightened tensions India was subjected to “40,000 cyberattacks originating from Chengdu, China.” To counter the Chinese cyber aggression and surreptitious collection of Indian user data, in July India banned 59 Chinese applications including TikTok, WeChat and Helo.
  • Australia – Contemporaneously with the Indian cyberattacks, Australia saw its government and industry being subjected to a sustained cyber offensive. Canberra issued a warning and advisory to the country, with an unambiguous attribution pointing to China as the aggressor. The report casts Australia’s response to China as tepid—indeed, passive. This writer disagrees with this analysis and would characterize Australia’s response as measured, thoughtful and on-point, as the bilateral relationship becomes more strained. Australia’s recent actions belay the characterization of passivity, as the Australia Security Intelligence Organisation (ASIO) warnings concerning China’s nefarious activities issued Aug. 24 concerning the ongoing espionage threat; The Department of Foreign Affairs and Trade (DFAT) response to China’s threat of an economic boycott was sharp and pointed.
  • Hong Kong – The report hangs its hat on the malware campaign that targeted political dissidents in Hong Kong and the cyberattack on the Holy See. The Chinese use of social networks to disparage Hong Kong’s democracy protests is well-documented. Additionally, the recent adjustments to the rule of law in Hong Kong were worthy of approbation, as it has forever changed the Hong Kong political and economic landscape.
  • Cultural and Religious Organizations – China’s efforts to remove the Uighur population is both despicable and tragic. The report notes those countries that had voiced concern and hosted groups that actively opposed China’s actions were subjected to an onslaught of China offensive activity to include the hacking into the telecom providers of Turkey, Kazakhstan, India, Thailand and Malaysia. The report describes the Chinese actions as “high-tech digital surveillance, exploitation campaigns via multiple strategically compromised websites, exploitation of vulnerabilities in Android operating systems commonly used among the minority population.”

The IntSights report concludes with the identification of four evolving threats:

  • Surveillance and Espionage – China’s “Social Credit System” and the presence of 200 million CCTV cameras with an expected growth by the end of 2020 of 626 million as two of the primary emerging threats to the domestic population. The report points to more than 29 countries as being espionage targets of China (we submit that is a low number) with the goal of obtaining intellectual property.
  • APT41/Winnti Group – The report highlights APT41, as it is used for both espionage and cryptocurrency mining.
  • Information Warfare – The rise of the efforts by China to control the global narrative is well-documented. In March ProPublica published a detailed report on how China built a Twitter propaganda machine, which may have influenced Twitter’s own actions to ban more than 170,000 accounts. China characterized this action in June, as the misinformation machine grounded to a halt, as, “Twitter’s refusal to be a neutral and objective platform,” according to the Global Times (state-affiliated media).
  • Abuse of Technology Exports – the report closes with the threat posed by the global dependency on China’s manufacturing and software supply chain and the opportunities to infuse trojan technology. This has been—and will continue to be—a threat. The report calls out Huawei, TikTok and the insertion of malicious codes within apps and software updates.

One should believe China will do exactly what it says it will do. The bottom line is, China’s actions are driven by the CCP, and industries and government alike should continue to be alert to the targeting of their personnel, technology and intellectual properties. Security protocols should envelop all engagements with China, as there is no expectation that China will take its foot off the gas in its efforts to aggressively acquire intellectual property and technology it determines it needs for its own purposes.

It is your information, protect it.

Featured eBook
How Your Vendor Access Management Tools Are Putting Your Company at Risk

How Your Vendor Access Management Tools Are Putting Your Company at Risk

If third parties are accessing your network, whether you’re using a VPN, a vendor-supplied support tool, or a Privileged Access Management (PAM) solution to manage network vendor access, the limitations of those tools leave you vulnerable to breaches. But you can’t manage risks that you don’t know you have. Vendor Privileged Access Management (VPAM) is … Read More