Beijing has accused undisclosed foreign entities of deploying covert maritime buoys and seabed equipment to conduct espionage on its naval operations, following recent cyberattacks on the presidential campaigns of Donald Trump and Kamala Harris by Chinese state-sponsored hackers.
According to a statement on WeChat, China’s Ministry of State Security (MSS) uncovered devices in its waters meant for reconnaissance and monitoring, as well as for intelligence collection and technical theft. The MSS also alleged that foreign “secret guards” are masquerading as drifting “spies” and even acting as “lighthouses” to aid foreign submarines.
The MSS vowed to defend China’s sovereignty against what it perceives as a severe and multifaceted covert struggle in the realm of deep-sea security. While the accuracy of these claims remains uncertain, Ryan McConechy, CTO at Barrier Networks, believes that suspicion will likely fall on Western entities due to the prevalent use of the online domain for clandestine activities by adversaries. McConechy emphasized that the online world offers a safer and more surreptitious environment for espionage operations compared to traditional physical methods.
William Wright, CEO of Closed Door Security, emphasized the vulnerability of ships at sea as potential targets for espionage, highlighting the wealth of sensitive information they harbor. The maritime industry’s importance, from naval secrets to trading information, makes it an enticing prospect for nation-states seeking valuable intelligence.
In response to these accusations, the FBI and the US Cybersecurity and Infrastructure Security Agency revealed they were looking into unauthorized access to commercial telecommunications infrastructure by individuals linked to China. This aligns with previous incidents involving the Chinese state-sponsored APT Volt Typhoon, known for targeting critical infrastructure in the US with espionage in mind.
Another Chinese APT, Salt Typhoon, recently engaged in cyberattacks on US ISPs, indicating a concerted effort to pilfer information and potentially launch disruptive assaults. Casey Ellis, Bugcrowd founder and adviser, expressed little surprise at the recent targeting of the campaigns, given the looming US election season and the history of such attacks by Chinese APT groups.
McConechy underscored the need for all industries to bolster their cyber defenses in light of evolving cyber-physical espionage tactics employed by nation-states. He stressed the importance of regular malware scans and continuous monitoring for intruders near critical infrastructure locations, advocating for improved defenses in both physical and digital domains as a top priority.
As tensions between China and the US escalate in the cyber domain, the need for heightened vigilance and robust security measures becomes increasingly paramount to safeguard national interests and critical infrastructure from surreptitious espionage activities.