While a Chinese spy balloon was drifting over the United States, China-affiliated hackers were busy infiltrating computer networks both domestically and worldwide, according to a new report from a prominent cybersecurity company.
CrowdStrike’s annual global threat report reveals that cyber espionage groups associated with China have targeted almost every continent and 39 different industries. North America accounted for roughly a quarter of these attacks, with the majority being aimed at China’s Asian neighbors. The report notes that China’s hacking tactics have grown more sophisticated in response to advancements in cybersecurity.
“They’re endemic at this point — they’re everywhere,” said Adam Meyers, CrowdStrike’s head of intelligence.
According to U.S. officials, China engages in network hacking to gather intelligence, similar to the U.S. However, unlike the U.S., China also targets private companies to steal their intellectual property, which the U.S. government denies doing.
China consistently denies the accusation, while a top American intelligence official once called Chinese hacking of Western companies “the greatest transfer of wealth in history.”
“Hacking remains the chief Chinese espionage activity,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. “Hacking is where they make their money — the balloon doesn’t even register.”
According to Lewis and other experts, in 2015, President Barack Obama reached an agreement with the Chinese government, which resulted in a brief reduction of Chinese hacking targeting American companies. However, this reduction was not permanent.
Meyers asserts that Chinese President Xi Jinping agreed to the deal because the People’s Liberation Army was restructuring its cyber units, and he knew that Chinese hacking activities would be reduced temporarily anyway. China has denied hacking to obtain trade secrets.
Meyers added that Chinese hacking has been on the rise since 2017.
Chinese hackers have upped their game significantly, he added.
What once were mostly “smash and grab” operations have morphed into sophisticated campaigns to steal credentials and slip quietly into networks.
The report by CrowdStrike revealed that over 66% of the breaches documented last year did not involve malware, indicating that the attackers gained entry into the systems using valid login credentials, such as passwords. Such credentials are typically acquired by tricking users into divulging their passwords through malicious emails or links.
During a November session of the House Homeland Security Committee, FBI Director Christopher Wray declared China’s hacking initiative the “largest in the world.”
“They have stolen more Americans’ personal and business data than every other nation combined,” Wray added.
The CrowdStrike report also documented a significant uptick in destructive Russian cyberattacks aimed at Ukraine as the war there has unfolded. But it said there were no significant spillover effects into networks beyond Ukraine.
And the report says cybercriminals, including ransomware gangs, “continue to operate at a phenomenal rate.”