“Cyber China” From Operation Aurora to China Cyber attacks Syndrome

Pierluigi Paganini January 08, 2012

Cyber China is considered the most active and persistent collector of Western intelligence and intellectual property. Is it a syndrome, or does China represent a real threat?

When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government, sitting in a computer room and ready to successfully attack any potential target. China is perceived as a cyber power, ready to march against any obstacle, however insurmountable, using any means. On this subject we read everything and its opposite, and we are ready to blame all sorts of cyber threats on China. The truth, however, is quite different, at least in my opinion: the Chinese understood before others the importance of strategic hegemony in cyberspace. However, many doubts are beginning to gather about the real technological capabilities of Cyber China.

It certainly has a high potential for cyber offensive, but its quality is really arguable. China has the most extensive cyber-warfare capabilities. It began to implement an Information Warfare strategy in 1995, conducting a huge number of exercises in which computer viruses were used to interrupt military and private communications. In 2000, China established a strategic Information Warfare unit, Net Force, whose role is to “wage combat through computer networks to manipulate enemy information systems spanning spare parts deliveries to fire control and guidance systems.” Today the PLA GSD Third and Fourth Departments are considered to be the two largest players in China’s burgeoning cyber-infrastructure. In November 2011, Desmond Ball, a professor in the Strategic and Defense Studies Centre at Australia’s National University, argued that Chinese offensive capabilities today are pretty limited, and he also declared that its internal security has a bunch of vulnerabilities.

Ball says that China’s cyber-warfare capabilities are “fairly rudimentary”, and that the country is actually able to organize massive attacks (e.g. DDoS attacks) with little sophistication. The technology behind the malware used is really poor, which makes it really simple to detect and remove before any damage is done or data is stolen. The capabilities shown are not sufficient to penetrate highly secure networks or to covertly steal or falsify critical data. Are we really sure that China’s hackers are behind the attacks?

According to cyber analysts, hackers in China and their attacks have distinct digital fingerprints, easily recognizable by analyzing the computer code used and by studying the command and control computers used to move their malicious software. Analysts have no doubt that the attacks are coming from the Chinese government, because they have tracked enough intrusions to specific locations to be confident they are linked to Beijing's cyber structures. Consider that the threat was persistent, spreading malware in target computer networks again and again over the course of several months or even years.

Which countries are being targeted by Cyber China, and who are the real targets of these attacks?
Many cyber-intelligence operations have been conducted against numerous countries, including the United States, UK, Australia, New Zealand, Canada, Germany, France, the Netherlands, Portugal, Japan, South Korea, Taiwan, India, Pakistan, Iran, Thailand, the Philippines and Indonesia.

Consider that, according to the report published by the Office of the National Counterintelligence Executive, cyber operations are prevalently used in attempts to obtain business and industrial secrets from companies, in this case American ones.
Companies are frustrated that the government isn’t doing enough to pressure China to stop the attacks, while the Chinese government has officially been providing protection and anonymity to those groups of hackers. In the last ten years, the attacks have increased dramatically and broadened to target defense companies, critical industries and major firms, including critical infrastructure.
China is considered one of the most dangerous players in cyber espionage operations against businesses worldwide. Forecasts for the coming years aren’t encouraging, because the government of China will maintain an aggressive approach and be capable of collecting sensitive economic, military and industrial information related to foreign nations. To give you an idea of the huge number of attacks reported in 2011 for which China was directly or indirectly considered responsible, I submit an interesting table prepared by the security expert Paolo Passeri. The list includes prominent victims such as RSA. Obviously we do not have total certainty about the array of attacks, but the evidence suggests that behind all of these operations there is a single actor, China. Just last week Julian Assange declared that Chinese intelligence had penetrated the intelligence system of the Indian government, including the Indian equivalent of the FBI, the Central Bureau of Investigation. This event brings to the fore the need for governments to have an appropriate cyber strategy so that national security cannot be affected by such attacks.
The economic development of a nation can no longer ignore these cyber attacks, regardless of its awareness of the cyber threat. Based on the above facts, I believe it is wrong to consider these attacks rudimentary, as their effects demonstrate that they are really dangerous and efficient.

Another erroneous belief is that the Chinese government uses a large group of hackers to carry out the attacks. According to a report supplied by the Associated Press, the majority of the attacks emanating from China are conducted by as few as a dozen groups of hackers under the control and coordination of the Chinese government.
What is the economic impact of cyber attacks on the U.S.? According to a report recently released by the United States Office of the National Counterintelligence Executive (ONCIX), several billions of dollars are lost every year in intellectual property and classified information disclosure due to cyber espionage.
We are warned that the constant barrage of cyber attacks against economic and critical systems will require a unified effort by government and the private sector to improve security, following a well-defined cyber strategy directed by central governments. Cyber warfare has just begun, stay sharp.

Pierluigi Paganini

Published on THN – Magazine | January 2012 http://news.thehackernews.com/THN-Jan2012.pdf | Issue 08


(Security Affairs – Operation Aurora, hacking)
