Cyberattacks: The Elephant In Cyberspace

When it comes to digital attacks, usually only Russia is mentioned. There has long been a second, equally serious opponent: China. Little is known about its goals.

When it comes to threats in so-called cyberspace, one opponent is often mentioned in Germany: Russia. That's not wrong either. The country has repeatedly played an inglorious role in criminal attacks using extortion trojans, known as ransomware.

But the elephant in cyberspace, which is at least as large as Russia, is often overlooked. "There is far too little talk about China," says Sven Herpig. He heads the international cybersecurity policy department at the New Responsibility think tank and has now written a study on China's efforts on the Internet. Ransomware attacks like those from Russia did serious damage to businesses and local authorities, says Herpig. However, the damage caused by digital espionage is also huge, and the perpetrators are primarily in China.

The stated goal of the People's Republic of China is to become a cyber great power 

Two events show, among other things, what this means. For some time now, there have been targeted hacker attacks on government networks in a number of European countries. A hacker group that security researchers refer to by the abbreviation APT 31 is said to be responsible for them.

It is often difficult to determine who is really behind a digital attack, as the perpetrators disguise themselves and mask their code and their origin. Nevertheless, the Federal Office for the Protection of the Constitution (BfV), which is otherwise rather silent in such matters, is certain that APT 31 has attacked German authorities, among others, and has publicly warned against it.

According to security researchers and secret services, APT 31 is controlled by the Ministry of State Security in Beijing. The group engages in classic espionage and aims to obtain important political and economic information for the Chinese government. But it has also tried to infiltrate democracy activists in Hong Kong.

The hack of tens of thousands of Microsoft Exchange servers around the world in the spring can also be traced back to actions by the Ministry of State Security. A group named after the chemical element hafnium began in January to exploit security holes in Microsoft Exchange mail servers to gain access to government agencies and organizations.

Initially, there were only comparatively few, targeted attacks that were apparently intended to obtain information. After a few weeks, however, the situation escalated for reasons that were previously unknown. From then on, criminals took advantage of the vulnerabilities en masse, and there were numerous attacks worldwide. The Federal Office for Information Security (BSI) was forced to issue the highest warning level that exists in Germany for a cyber threat.

As a result, the European Union officially complained to China and issued a protest resolution, stating that "malicious cyber activities with significant effects have been identified" originating from China. The government, it said, is violating the "norms for responsible government behavior" and should end these activities immediately. The USA, Japan and NATO reacted with similarly angry remarks.

The Federal Office for the Protection of the Constitution, which is responsible for counter-espionage, states that it does not issue such warnings about cyberattacks without good reason, since China is a player to be taken seriously in this area. In recent years the country has not only advanced in cyberspace in terms of industrial espionage; the scope of its espionage against political targets has also increased significantly. The BfV is therefore assuming "an increased potential threat to German authorities from state-controlled cyber attacks of Chinese origin".

In addition to economic and political espionage, Herpig lists other aspects of Chinese cyber operations. These include military operations, subversion and, above all, the surveillance of minorities, dissidents and activists.

Margarete Bause experienced what that can mean in concrete terms. The Green politician was a member of the Bundestag until 2021 and a member of the human rights committee there. She is also part of an inter-parliamentary association called IPAC, which is critical of China. "The Office for the Protection of the Constitution called the Bundestag office and warned that there could be phishing mails and cyberattacks against me and other members of IPAC," she says. Unfortunately, anyone who speaks publicly against China has to assume that the Chinese government is interested in them.

"But it wasn't just about my Bundestag email address and that of my employees, but also about those around me, friends and family," says Bause. Something like that "sharpens one's attention". Even more so, since other members of IPAC had already been hacked.

According to IT security specialists, the long-term approach of Chinese politics in particular is a challenge. Those responsible think and plan over very long time horizons, which makes it difficult to explain the relevant activities.

This means nothing other than that some actions are prepared secretly over many years, because China is interested in strategic victories and not in short-term actions, for example against a single federal election. That makes discovering connections all the more difficult.

We mustn't underestimate how little we know

Hic sunt dracones (here are dragons), cartographers wrote in Latin on their maps in earlier centuries when they were unfamiliar with a region and therefore uncomfortable. Today this sentence could appear on the area of the digital map that China occupies. Because that is also a problem: many actions, such as the global hafnium attack, appear puzzling from a Western perspective. Was it meant to escalate like this, or did it accidentally get out of hand? The question has not yet been answered.

Herpig advocates dealing more with China as a matter of principle. "The Chinese cybersecurity policy must be better understood so that the effects of the political decisions made there for Germany can be better assessed," he writes. "We are calling for a nuanced discourse with an important geopolitical partner," says Herpig. If Germany wants to react appropriately to this threat, it has to know who on the other side is hitting it and why.

"We must not underestimate how little we know about what is happening in China," he says. As a result, however, "the most important new actor in cyberspace is barely understood".
