Last year, India suffered hugely on account of suspected hackers from China on its health and power sectors. Delhi-based premier hospital, the All-India Institute of Medical Sciences could not properly handle treatment of patients in November 2022 after its servers were paralysed by hackers from China. The data of millions of patients was feared to have been compromised after hackers five of 100 servers of the AIIMS.
This was not the lone hacking incident in which Chinese hackers were found to be involved; in between August 2021 and March 2022, Chinese hackers targeted at least seven Indian State Load Despatch Centres (SLDCs), responsible for carrying out real-time operation for grid control and electricity distribution within states.
The hacking of SLDCs affected distribution of power in areas of the northern India, including sensitive India-China border in Ladakh. Months later, InSikt Group, the research division of Massachusetts-based Recorded Future, revealed that hacking of power system in India was done by contractors who work for China’s Ministry of State Security.
In March 2021, when countries after countries were scrambling for vaccines, China-backed hackers as per CyFima, a Singapore-based company, were busy targeting the information technology systems of Bharat Biotech and Serum Institute of India. In the world, the East Asian country is regarded as one having bigger hacking programme than all nations combined.
Earlier in October 2020– five months after the Galwan Valley incident in which 20 Indian soldiers were killed by Chinese PLA members during a scuffle in June—Mumbai witnessed a widespread blackout, affecting suburban train services and hospitals. Recorded Future said China-linked hacker group ‘RedEcho’ had breached the Indian power sector, which may have caused Mumbai’s power outage.
Of course, this hints towards capabilities that China have acquired to compromise with interests of other nations. “China has got a bigger hacking programme than every other major nation combined,” FBI Director Christopher War said during a hearing before the House Appropriations Committee on April 27. He said China has stolen more of personal and corporate data in the US than other nations.
Reacting over the FBI Director’s remarks, China Foreign Ministry Spokesperson Mao Ning said, “This is nothing new. The US has long used its tech advantage to conduct massive surveillance and secret theft and cyber theft against its allies and the rest of the world, which has long been an open secret. Perhaps, the US should take a hard look in the mirror before it points its fingers at another country.”
But truth cannot be falsified. As per NBC News, last year alone, hackers linked to the Chinese government stole at least $20 million in US Covid relief benefits, including Small Business Administration loans and unemployment insurance funds in over a dozen states. This was found to be done by the Chengdu-based hacking group known as APT41, also known as Wicked Panda, Barium and Winnti.
The Wall Street Journal in its report published on March 16 said defence contractors, government agencies, technology and telecommunication firms are bearing the brunt of Beijing-linked cyber-attacks. Quoting researchers with Google, the New York City-based business and economic daily said that state-backed hackers from China have developed such techniques that they “evade common cybersecurity tools and enable them to burrow into government and business networks and spy on victims for years without detection.”
In an annual report published earlier in March 2023, US intelligence officials said China “probably represents the broadest, most active, and persistent cyber espionage threat to the US government and private sector networks.” But America alone has not been the target of cybercrime by China-linked hackers. According to CrowdStrike, a leading cybersecurity firm said in its annual global threat report that China-backed hackers targeted 39 industries on nearly every continent in 2022.
Last year, thousands of megabytes of ASEAN countries’ data, containing strategic information on the South China Sea and talks with the US, were stolen by Chinese government-linked hackers, Wired magazine quoted cybersecurity firm Digital Forensic Indonesia as saying. As per the monthly American magazine, as many as 30,000 megabytes of data, including email correspondence, from the ASEAN Secretariat and contacts in member states were stolen by Chinese hackers.
The US-based magazine also maintained how mail servers operated by ASEAN were breached by China-linked hackers and stole a trove of data—all this, when ASEAN members were preparing for the group’s summit with the US in Phnom Penh, the national capital of Cambodia in November 2022.
Experts suggest that the majority of countries, groups and blocs are continuously strengthening cybersecurity measures through standardizing training systems, encryption, updating security protocols regularly and enhancing capacity building across critical infrastructure sectors. Yet it is not foolproof against breaches. Several probes into cyber attacks across the world have led investigators to the door of China’s Ministry of State Security.
After Microsoft hacking in March 2021 affected around 30,000 US organisations including local governments and several other entities worldwide, US Secretary of State said, “China’s Ministry of State Security (MSS) has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain.”
Two years ago, four Chinese nationals were charged by the US Justice Department with conducting hacking campaign against American universities, companies and government entities between 2011 and 2018. Of these four Chinese nationals, three were security officials and one contract hacker and they were working with the MSS, The Guardian said.
Experts say China conducts cyber-attack against its economic and military rivals, neighbours on a regular basis. “China is using cyber power to rise and ultimately win global dominance, and that the Chinese government is behind the scenes in many malicious cyber activities,” Carnegie Endowment for International Peace said.
Cutting its teeth in cyber warfare in the 1990s, China became a force in the handling of information technologies by 2015. “Threats from such new security domains as outer space and cyberspace will be dealt with to maintain the common security of the world community. China’s armed forces will strengthen international security cooperation in areas crucially related to China’s overseas interests, to ensure the security of such interests,” China’s Ministry of National Defence paper entitled ‘China’s Military Strategy,’ said. This paper was released in 2015.
China, which calls the world’s top internet companies such as Apple, Cisco, Google, IBN, Intel, Microsoft, Oracle, and Qualcomm as “eight King Kongs,” often targets those sectors which offer rich follow-on opportunities for intelligence collection, attack, or influence operations. In the meantime, there are reports which suggest that rising incidents of cyber-attacks from China would be an agenda of discussion during the forthcoming Quad Leadership summit in Australia. In the backdrop of emerging reports and opinions that China could launch lightning air, sea and cyber assault to seize control of key strategic targets on Taiwan within hours before the US and its allies could intervene, the planned Quad discussion on alleged malicious activities of hackers from China would be of immense significance.
–The writer is a senior journalist with wide experience in covering international affairs. The views expressed are of the writer and do not necessarily reflect the views of Raksha Anirveda
–The writer is a senior journalist with wide experience in covering international affairs. The views expressed are of the writer and do not necessarily reflect the views of Raksha Anirveda
