China becomes main victim of advanced persistent threat attacks: Ministry of State Security
Published: Sep 16, 2023 07:54 PM


According to the Ministry of State Security on Saturday which is the 23rd National Defense Education Day, China has become the main victim of advanced persistent threat (APT) attacks, adding that cyberspace has become an important battleground for foreign intelligence agencies to conduct cyber espionage against China, Xinhua Daily Telegraph reported.

The national security departments of China have revealed that foreign intelligence agencies employ various methods to carry out cyberattacks and infiltrations in China. For example, they may establish specialized organizations, set up "cover companies," and develop professional tools to directly attack China. They may also use methods such as "behind-the-scenes manipulation" and "outsourcing services" to instruct professional companies and hacker organizations to carry out attacks. Some countries even disguised their actions and collaborate with other countries in carrying out attacks.

In terms of attack targets, foreign intelligence agencies not only continuously target traditional targets such as Chinese government bodies, sensitive units but are also increasingly focused on attacking and infiltrating China's critical information infrastructure and major infrastructure network systems. They have also extended their "black hand" to Chinese universities, research institutions, large enterprises, high-tech companies, as well as executives, experts, and scholars, according to the Chinese authority.

Also, the attacks are omnipresent, involving various types of software systems such as email, office automation, user management, and security protection, as well as hardware devices such as servers, computers, switches, routers, and even civilian devices such as mobile phones, Wi-Fi, and surveillance cameras.

Unlike ordinary hackers, foreign intelligence agencies have abundant resources, strong technical capabilities, extensive experience in cyberattacks and more covert methods. Some of them collected and stole personal information data, using social engineering to precisely forge "phishing" emails and websites to carry out deceptive attacks. Some directly attacked China by exploiting and purchasing key software systems and hardware devices. Some infiltrated and controlled Chinese supply chain companies or operation and maintenance service organizations' networks, using them as "springboards" to attack downstream user units. Some conducted large-scale infiltrations and control of China's civilian networks and household network devices, establishing "strongholds" for cyberattacks against China and other countries.

The national security agencies pointed out that once China's critical information infrastructure and major infrastructure network systems are invaded and controlled, they will face the risk of being disrupted and destroyed at any time. Cyberattacks by foreign intelligence agencies not only stole commercial secrets and intellectual property of Chinese enterprises and institutions but also monitored the network communication content of Chinese citizens, seriously infringing upon the legitimate rights and interests of Chinese citizens and organizations.

The national security authority stressed that once citizens and organizations discover online espionage activities, they should promptly report them to the national security authorities through channels such as the 12339 hotline, the online reporting platform, and the official WeChat account of the Ministry of State Security.

China is a major cyber power, also a large victim of cyberattacks. In recent years, hacker organizations, criminal gangs and lawbreakers have continued to carry out cyberattacks on China's key information infrastructure and important industry sectors, invading important information systems, and stealing important data. 

These practices not only violate personal privacy and business secrets, but also threaten the security of important national data, the  Ministry of State Security (MSS) has said earlier. 

In facing of emerging data security problems, the MSS called on to strengthen the protection, early warning and tracing capacity of key information infrastructure.

The MSS stressed that cyberspace is increasingly becoming a new battlefield for safeguarding national security. Without cybersecurity, there is no national security, and no stable operation of the economy and society, while the interests of the general public are also difficult to guarantee. The MSS called for solidarity to strengthen security awareness, and to enhance security capabilities, so as to jointly safeguard cybersecurity.

Global Times