According to the Ministry of State Security on Saturday which is the 23rd National Defense Education Day, China has become the main victim of advanced persistent threat (APT) attacks, adding that cyberspace has become an important battleground for foreign intelligence agencies to conduct cyber espionage against China, Xinhua Daily Telegraph reported.
The national security departments of China have revealed that foreign intelligence agencies employ various methods to carry out cyberattacks and infiltrations in China. For example, they may establish specialized organizations, set up “cover companies,” and develop professional tools to directly attack China. They may also use methods such as “behind-the-scenes manipulation” and “outsourcing services” to instruct professional companies and hacker organizations to carry out attacks. Some countries even disguised their actions and collaborate with other countries in carrying out attacks.
In terms of attack targets, foreign intelligence agencies not only continuously target traditional targets such as Chinese government bodies, sensitive units but are also increasingly focused on attacking and infiltrating China’s critical information infrastructure and major infrastructure network systems. They have also extended their “black hand” to Chinese universities, research institutions, large enterprises, high-tech companies, as well as executives, experts, and scholars, according to the Chinese authority.
Also, the attacks are omnipresent, involving various types of software systems such as email, office automation, user management, and security protection, as well as hardware devices such as servers, computers, switches, routers, and even civilian devices such as mobile phones, Wi-Fi, and surveillance cameras.
Unlike ordinary hackers, foreign intelligence agencies have abundant resources, strong technical capabilities, extensive experience in cyberattacks and more covert methods. Some of them collected and stole personal information data, using social engineering to precisely forge “phishing” emails and websites to carry out deceptive attacks. Some directly attacked China by exploiting and purchasing key software systems and hardware devices. Some infiltrated and controlled Chinese supply chain companies or operation and maintenance service organizations’ networks, using them as “springboards” to attack downstream user units. Some conducted large-scale infiltrations and control of China’s civilian networks and household network devices, establishing “strongholds” for cyberattacks against China and other countries.
The national security agencies pointed out that once China’s critical information infrastructure and major infrastructure network systems are invaded and controlled, they will face the risk of being disrupted and destroyed at any time. Cyberattacks by foreign intelligence agencies not only stole commercial secrets and intellectual property of Chinese enterprises and institutions but also monitored the network communication content of Chinese citizens, seriously infringing upon the legitimate rights and interests of Chinese citizens and organizations.
The national security authority stressed that once citizens and organizations discover online espionage activities, they should promptly report them to the national security authorities through channels such as the 12339 hotline, the online reporting platform, and the official WeChat account of the Ministry of State Security.
(Global Times)