Cyberwarfare by China is the aggregate of all combative activities in cyberspace undertaken by organs of the People's Republic of China, including affiliated advanced persistent threat groups, against other countries.
Organization
While some details remain unconfirmed, it is understood that China organizes its resources as follows:
* "Specialized military network warfare forces" - Military units specialized in network attack and defense.
* "PLA-authorized forces" - Network warfare specialists in the Ministry of State Security (MSS) and the Ministry of Public Security (MPS).
* "Non-governmental forces" - Civilian and semi-civilian groups that spontaneously engage in network attack and defense.
In 2017, ''Foreign Policy'' provided an estimated range for China's "hacker army" personnel, anywhere from 50,000 to 100,000 individuals.
In response to claims that Chinese universities, businesses, and politicians have been subject to cyber espionage by the United States National Security Agency since 2009, the PLA announced a cyber security squad in May 2011 to defend their own networks.
Accusations of espionage and cyber-attacks
Australia
In May 2013, ABC News claimed that China stole blueprints to the headquarters of the Australian Security Intelligence Organisation.
Canada
Officials in the Canadian government claimed that Chinese hackers compromised several departments within the federal government in early 2011, though the Chinese government has denied involvement. In 2014, Canada's Chief Information Officer claimed that Chinese hackers compromised computer systems within the National Research Council.
India
Officials in the Indian government believe that attacks on Indian government networks, such as the attack on the Indian National Security Council, have originated from China. According to the Indian government, Chinese hackers are experts in operating botnets, which were used in these attacks.
Numerous other instances of Chinese cyberattacks against India's cyberspace have also been reported.
Japan
In April 2021, Japan claimed that the Chinese military ordered cyberattacks on about 200 Japanese companies and research institutes, including JAXA.
United States
The United States of America has accused China of cyberwarfare attacks that targeted the networks of important American military, commercial, research, and industrial organizations. A Congressional advisory group has declared China "the single greatest risk to the security of American technologies" and stated that "there has been a marked increase in cyber intrusions originating in China and targeting U.S. government and defense-related computer systems".
[Cha, Ariana Eunjung and Ellen Nakashima, "Google China cyberattack part of vast espionage campaign, experts say". ''The Washington Post''. January 14, 2010.]
In January 2010, Google reported targeted attacks on its corporate infrastructure originating from China "that resulted in the theft of intellectual property from Google." Gmail accounts belonging to two human rights activists were compromised in an attack on Google's password system. American security experts connected the Google attack to various other political and corporate espionage efforts originating from China, which included spying against military, commercial, research, and industrial corporations. Obama administration officials called the cyberattacks "an increasingly serious cyber threat to US critical industries."
In addition to Google, at least 34 other companies have been attacked. Reported cases include Northrop Grumman, Symantec, Yahoo, Dow Chemical, and Adobe Systems.
Cyber-espionage has been aimed at both commercial and military interests.
Diplomatic cables highlight US concerns that China is exploiting its access to Microsoft source code to boost its offensive and defensive capabilities.
A number of private computer security firms have stated that they have growing evidence of cyber-espionage efforts originating from China, including the "Comment Group".
China has denied accusations of cyberwarfare, and has accused the United States of engaging in cyber-warfare against it, accusations which the United States denies.
During March 2013, high-level discussions continued.
In May 2014, a federal grand jury in the United States indicted five PLA Unit 61398 officers on charges of theft of confidential business information from U.S. commercial firms and planting malware on their computers.
In September 2014, a Senate Armed Services Committee probe revealed that hackers associated with the Chinese government had committed various intrusions into computer systems belonging to U.S. airlines, technology companies and other contractors involved with the movement of U.S. troops and military equipment. In October 2014, the FBI added that hackers, whom it believes to be backed by the Chinese government, had recently launched attacks on U.S. companies.
In 2015, the U.S. Office of Personnel Management (OPM) announced that it had been the target of a data breach targeting the records of as many as 21.5 million people. ''The Washington Post'' reported that the attack came from China, citing unnamed government officials. FBI director James Comey explained "it is a very big deal from a national security perspective and a counterintelligence perspective. It's a treasure trove of information about everybody who has worked for, tried to work for, or works for the United States government."
In 2019, a study showed continued attacks on the US Navy and its industrial partners.
In February 2020, a US federal grand jury charged four members of China's People's Liberation Army with the 2017 Equifax hack. The FBI's official account stated on Twitter that they played a role in "one of the largest thefts of personally identifiable information by state-sponsored hackers ever recorded", involving "145 million Americans".
The ''Voice of America'' reported in April 2020 that "U.S. intelligence agencies concluded the Chinese hackers meddled in both the 2016 and 2018 elections" and said "there have already been signs that China-allied hackers have engaged in so-called 'spear-phishing' attacks on American political targets" ahead of the 2020 United States elections.
In March 2021, the United States intelligence community released an analysis finding that China had considered interfering with the election but decided against it on concerns it would fail or backfire.
In April 2021, FireEye said that suspected Chinese hackers used a zero-day attack against Pulse Connect Secure VPN devices in order to spy on dozens of government, defense industry and financial targets in the U.S. and Europe.
Taiwan
Comparing the semiconductor industries of mainland China and Taiwan today, Taiwan is the leader in terms of overall competitiveness. On 6 August 2020, ''Wired'' published a report stating that "Taiwan has faced existential conflict with China for its entire existence and has been targeted by China's state-sponsored hackers for years. But an investigation by one Taiwanese security firm has revealed just how deeply a single group of Chinese hackers was able to penetrate an industry at the core of the Taiwanese economy, pillaging practically its entire semiconductor industry."
Ukraine
In April 2022, ''The Times'' reported that days prior to the start of the 2022 Russian invasion of Ukraine, a cyberwarfare unit of the People's Liberation Army launched cyberattacks against hundreds of Ukrainian government sites, according to officials of the Security Service of Ukraine.
The Vatican
In July 2020, it was reported that Chinese state-sponsored hackers operating under the name RedDelta hacked the Vatican's computer network ahead of negotiations between China and the Vatican.
IP hijacking
For 18 minutes on April 8, 2010, state-owned China Telecom advertised erroneous network routes that instructed "massive volumes" of U.S. and other foreign Internet traffic to go through Chinese servers. A US Defense Department spokesman told reporters that he did not know if "we've determined whether that particular incident ... was done with some malicious intent or not" and China Telecom denied the charge that it "hijacked" U.S. Internet traffic.
See also
* 2011 Canadian government hackings
* Beijing–Washington cyber hotline
* Chinese intelligence activity abroad
* Chinese information operations and information warfare
* Cyberwarfare by Russia
* Death of Shane Todd
* GhostNet
* Google China
* Honker Union
* List of cyber warfare forces - China
* Operation Aurora
* Operation Shady RAT
* Titan Rain
* PLA Unit 61398
* Red Apollo
* 2021 Microsoft Exchange Cyberattack