Cybersecurity firm CYJAX has released a new report titled Broken China, highlighting the precarious economic situation in China and warning of potential increased cyber espionage activities by the People’s Republic of China (PRC) in order to benefit Chinese businesses.
According to the report, China is currently facing a multitude of economic challenges stemming from the lingering effects of the COVID-19 pandemic, a shrinking manufacturing sector, and an overleveraged property market due to aggressive borrowing practices. Additionally, there is a noticeable rise in discontent among the country’s youth, fueled by escalating unemployment rates.
While there are potential remedies that could aid in China’s economic recovery, the report suggests that the country’s strong culture of nationalism and conservatism may hinder the implementation of such solutions. Furthermore, there is a looming threat of deteriorating relations between the US and China if former President Donald Trump is re-elected, potentially resulting in even higher trade tariffs.
In light of the grim economic outlook, CYJAX predicts that the PRC will likely resort to short-term strategies to bolster its economy rapidly. This includes an anticipated increase in aggressive cyber espionage campaigns aimed at stealing foreign intellectual property in order to bolster domestic industries.
The report identifies several threat groups that are expected to engage in heightened cyber espionage activities over the next year. These include:
– The Gallium group, which has been active since at least 2012 and is known for targeting global telecommunications and Microsoft Exchange servers to steal intellectual property from various sectors.
– Sandman, a group that focuses on telecommunication providers in regions such as the Middle East, Western Europe, and South Asia, utilizing a unique backdoor method to deliver malware.
– MustangPanda, observed targeting Southeast Asian governments among other local entities in Beijing.
– VoltTyphoon, believed to have been operating since 2021 and targeting critical US infrastructure to gather intelligence in alignment with the PRC’s goals.
Ian Thornton-Trump, Chief Information Security Officer at CYJAX, emphasized the complexity of China’s internal dynamics and the likelihood of increased cyber espionage activity as a response to internal pressures. He highlighted the PRC’s historical use of cyberspace to further its business interests by extracting technologies from Western companies, ultimately giving Chinese industries a competitive edge in the global market.
Thornton-Trump stressed the importance of understanding China’s internal forces and their implications for cyber strategies in order to enhance defenses against PRC cyber espionage activities. By gaining insights into the country’s economic and political landscape, organizations can better prepare for and mitigate the risks posed by cyber threats originating from China.