China’s cyber warfare grew thanks to civilian recruits




Cyber operations have become China’s tool of choice for securing exclusive intellectual property and collecting personal data around the world.

In February 2021, malware from China was found in an Indian power grid. Experts have suggested that the malware may have turned off Mumbai city lights at the height of the Ladakh border standoff.

The Ministry of State Security and the People’s Liberation Army (PLA) Strategic Support Force primarily manage China’s cyber operations.

The Strategic Support Force was born out of the reorganization of the PLA in 2015. With the creation of this new integrated force, China combined electronic warfare, information warfare and cyber operations. Under President Xi Jinping, however, it was the State Security Ministry that gained the power to conduct cyber operations with the help of an army of civilian recruits.

The Department of State Security has in the past used open source data research for zero-day exploits, which can provide access to a device from a remote location. Zero-day exploits take advantage of previously unknown vulnerabilities in software code, which exist on various electronic devices.


China’s deep dive into cyber warfare

In 1999, two Chinese Air Force colonels identified the coming era of electronic warfare and cyberspace after the United States’ war in Iraq. Qiao Liang and Wang Xiangsui’s Unrestricted Warfare emphasized the ability to wage war below a certain conflict threshold. “The first rule of unrestricted warfare is that there are no rules, nothing forbidden,” Qiao said in an interview.

But since the publication of Unrestricted Warfare, China’s military strategy has evolved. China’s 2015 military strategy paper called cyberspace “a new pillar of economic and social development and a new area of national security.”

The pursuit of cyber warfare is not unique to the United States or China, as all major powers have invested in offensive and defensive cyber capabilities. But China’s rapid improvement in capabilities has caught the attention of experts around the world.

The Microsoft Exchange Server hack – attributed to Chinese hackers – revealed capabilities that the State Security Ministry and the PLA have improved since the early 2000s.

“China’s appetite for US private data has been one of the greatest secrets of modern intelligence. Intelligence officials estimate that China has now stolen all personally identifiable information from around 80% of Americans, and has a good start in collecting information on the remaining 20%,” wrote US journalist Dina Temple-Raston following her investigation into the Microsoft hack for National Public Radio (NPR).

The UK, US and EU accused the Hafnium group – linked to the Chinese state – of hacking into the Microsoft Exchange server, which provided access to a vast mine of data.


Hacking on the backs of civilian recruits

The United States remains ahead of China in conducting cyber operations, but China has slowly caught up with its model of civilian integration. The Institute of International and Strategic Studies called China a “level 2” cyberpower in its 2021 assessment of cyber capacity and national power. The United States remains the number one cyber power.

According to reports by The New York Times and other publications, China’s State Security Ministry has established a sophisticated network of private entities that hire and train hackers to work for the Xi Jinping government. The hacker community has collected information on US citizens from hacks such as the Marriott Hotel Guest Database. The cyber espionage network attempted to steal Ebola vaccine data and covert technology from a self-driving car company.

The office of the Ministry of State Security in Hainan established a private entity called Hainan Xiandun Technology Development Ltd, to recruit new graduates from top Chinese universities with technological and language skills. The United States Federal Bureau of Investigation (FBI) has indicted three agents from the Hainan State Security Department in connection with Hainan Xiandun’s technology development operations.

A 2013 recruitment ad posted by Hainan Xiandun said, “Since its establishment, the company has worked in the information security industry and has a large customer base in government, military, public security, telecommunications and finance.” The ad called for “information security technicians and interns” and suggested a salary range of 4,000 to 1,000 yuan per month ($618 to $1,546) during the three-month probation period. Recruits could be paid up to 15,000 yuan ($2,319) per month after their probationary period. NYT reported salaries for some technical roles between $1,200 and $3,000.

According to documents from 2016, Hainan Xiandun had registered capital of 2 million RMB and the location of the company was the Hainan University Library. The FBI believes the company has since been disbanded, but continued to recruit until 2019.

Hainan Xiandun’s recruits have targeted aviation, defense, education, government, healthcare, biopharmaceutical and maritime companies in Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, the United Kingdom and the United States.


A new protocol

The estimated cost of China’s intellectual property theft to the US economy is between $300 billion and $600 billion per year.

Cyber threat assessment firm Recorded Future has linked the new push to hide cyber operations behind civilian entities to China’s Digital Silk Road initiative. China wants to export its own global Internet regulations by setting standards with the “New Internet Protocol” plan. So far, only a few countries, including Saudi Arabia, Iran, and Russia, have shown interest in China’s Internet Protocol. But China continues to push for the adoption of the new standards in various international technology forums.

Xi Jinping’s recent decisions to establish personal data protection regimes, including regulatory actions against Didi Chuxing, are part of the strategy to reduce U.S. operations’ access to Chinese data.

The conflict at our physical borders has shaped 20th-century geopolitics. China’s advanced cyber capabilities have added another area of conflict, which should be part of the public discourse.

The author is a freelance columnist and journalist. He was previously a Chinese media reporter for the BBC World Service. He tweets @aadilbrar. Opinions are personal.

(Edited by Prashant)
