The most famous Chinese cyberattacks
How hackers made China one of ‘the world’s pre-eminent cyber players’
Cyberattacks have become a well-polished weapon in China’s armoury over the past decade.
Used as methods of espionage, state-sponsored data breaches and server hacks pose a significant threat to global security and public safety. And far-reaching attacks have established China as “one of the world’s pre-eminent cyber players”, says cybersecurity firm IronNet.
Cybercrime worldwide has risen by 600% during the Covid-19 pandemic, according to research published by business insurance company Embroker.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Analysts point to China as one of the main culprits. Even before the virus hit, China had overtaken Russia as the biggest state sponsor of cyberattacks against the West, research has found - although Beijing tells a very different story.
“China is a staunch guardian of cybersecurity and also one of the biggest victims of hacking,” a spokesperson for the UK’s Chinese Embassy said in July 2020. “We oppose and crack down, in accordance with law, all forms of cyber espionage and attacks.”
Lack of physical evidence and self-erasing digital footprints can make identifying who is responsible for an attack challenging. However, patterns of behaviour and methods are used to help to identify hackers, with global networks of so-called ‘ethical hackers’ aiding the process.
These cyberattacks that have made digital history in the past decade are widely believed to have been orchestrated by China:
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
January 2010: Operation Aurora
Hackers exploited a flaw affecting some versions of Internet Explorer to attack companies including Google and Adobe. A “zero-day vulnerability” was exploited, the term given to a newly discovered vulnerability within software which hasn’t yet been fixed by the owner. Until it is, the software is vulnerable to cybersecurity risks.
Speaking to Wired after the incident, McAfee’s vice president of threat research Dmitri Alperovitch said: “We have never ever, outside of the defense industry, seen commercial industrial companies come under that level of sophisticated attack… It’s totally changing the threat model.”
January 2013: The New York Times
The New York Times’s reporters and employees were victims of a sustained four-month cyberattack. The hack was instigated after the paper’s Shanghai bureau chief David Barboza published an investigation into how relatives of the then Chinese prime minister, Wen Jiabao, accrued a fortune “worth several billion dollars through business dealings”, the paper reported.
The hack was conducted “using methods” consistent with those “associated with the Chinese military in the past”, the paper continued. “The attacks started from the same university computers used by the Chinese military to attack United States military contractors in the past.”
After The New York Times released the news, The Wall Street Journal followed suit, reporting the next day that its computers had also been infiltrated by Chinese hackers.
April 2015: US Office of Personnel Management
A cyberattack on America’s Office of Personnel Management (OPM), the agency that manages the government's civilian staff, began in November 2013 and continued until April 2015. The personnel files of more than 20 million people were stolen during the hack, including fingerprint records and social security numbers.
Officials were aware hackers were accessing the OPM servers from March 2014, but believed a system reset in May 2014 would “purge the attackers”, reports CSO Online. “Unusual activity” wasn’t again detected by OPM until almost a year later.
July 2017: Equifax
The personal data of more than 147 million Americans was at risk in 2017 when hackers accessed the systems of credit-reporting agency Equifax. One of the most severe attacks to have taken place, credit card numbers and home addresses were among the stolen data. “On a scale of one to ten, this is a ten,” fraud analyst Avivah Litan said at the time, the BBC reported.
In 2020, four Chinese military hackers were indicted for the 2017 infiltration of Equifax systems. Speaking of this attack and others, including the OPM data breach, US Attorney General William Barr said: “This data has economic value, and these thefts can feed China’s development of artificial intelligence tools as well as the creation of intelligence targeting packages.”
May 2020: easyJet
The data of nine million easyJet customers was compromised in what the airline described as a “highly sophisticated cyberattack”. As is often the case, “it took time to understand the scope of the attack and to identify who had been impacted”, easyJet told the BBC at the time.
“The tools and techniques used” identified a group of Chinese hackers as suspects “thought to [be] behind multiple attacks on airlines in recent months”, The Telegraph reported.
July 2020: the Vatican
The Vatican’s computer systems were attacked by suspected state-sponsored Chinese hackers. The hack took place ahead of talks between Beijing and the Vatican about the renewal of a “provisional two-year deal on the operation of the Catholic Church in China”, Reuters reports.
The attack targeted communications between the Vatican and Hong Kong diocese using methods “previously identified with state-backed hacking groups”. In November 2020, The Guardian reported that the Vatican’s Apostolic Library was battling 100 cyber threats a month, attacks which could “impact the Vatican library’s reputation” and “have significant financial ramifications”. However, direct links between China and these attacks have not been reported.
2020: coronavirus
Since March 2020, Chinese and Russian hackers have “become focused on one topic”, senior vice-president of IT security specialists Crowdstrike, Adam Meyers, told The Guardian, “referring to Covid-19”.
On 7 July 2020, two Chinese hackers were indicted for a sustained series of cyberattacks over a decade. The most recent was claimed to be targeted at Moderna Inc, and US officials said the attack had been conducted “in a bid to steal data”, Reuters reported.
Although China claimed its own vaccine research “is so far ahead it has ‘no need to steal what others are doing’”, The Guardian continued that, in September last year, “Chinese hackers were accused by Spain of stealing Covid research secrets from labs in a ‘particularly virulent’ campaign”.
-
Today's political cartoons - December 21, 2024
Cartoons Saturday's cartoons - losing it, pedal to the metal, and more
By The Week US Published
-
Three fun, festive activities to make the magic happen this Christmas Day
Inspire your children to help set the table, stage a pantomime and write thank-you letters this Christmas!
By The Week Junior Published
-
The best books of 2024 to give this Christmas
The Week Recommends From Percival Everett to Rachel Clarke these are the critics' favourite books from 2024
By The Week UK Published
-
Why Assad fell so fast
The Explainer The newly liberated Syria is in an incredibly precarious position, but it's too soon to succumb to defeatist gloom
By The Week UK Published
-
Romania's election rerun
The Explainer Shock result of presidential election has been annulled following allegations of Russian interference
By Sorcha Bradley, The Week UK Published
-
Russia's shadow war in Europe
Talking Point Steering clear of open conflict, Moscow is slowly ratcheting up the pressure on Nato rivals to see what it can get away with.
By The Week UK Published
-
Cutting cables: the war being waged under the sea
In the Spotlight Two undersea cables were cut in the Baltic sea, sparking concern for the global network
By The Week UK Published
-
The nuclear threat: is Vladimir Putin bluffing?
Talking Point Kremlin's newest ballistic missile has some worried for Nato nations
By The Week UK Published
-
Russia vows retaliation for Ukrainian missile strikes
Speed Read Ukraine's forces have been using U.S.-supplied, long-range ATCMS missiles to hit Russia
By Arion McNicoll, The Week UK Published
-
Has the Taliban banned women from speaking?
Today's Big Question 'Rambling' message about 'bizarre' restriction joins series of recent decrees that amount to silencing of Afghanistan's women
By Harriet Marsden, The Week UK Published
-
Cuba's energy crisis
The Explainer Already beset by a host of issues, the island nation is struggling with nationwide blackouts
By Rebekah Evans, The Week UK Published