After a period of reduced cyberactivity targeting the United States, a new report from CrowdStrike shows Chinese hacking operations are once again increasing.
CrowdStrike’s annual Global Threat Report outlines several shifts in the cyber threat landscape. The 2019 report, titled “Adversary Tradecraft and the Importance of Speed,” highlights that China is gathering intelligence to support its “Made in China 2025” industrial strategy.
That strategy is designed to preserve and advance China’s leadership in manufacturing as global technology and supply chains evolve. With the United States and some allies moving to exclude Chinese telecom vendors like Huawei from 5G networks, telecoms is a sector where Chinese companies risk losing ground.
CrowdStrike observed that Chinese-aligned threat actors focused heavily on the telecommunications and hospitality industries over the past year. Data from those sectors could give Chinese firms a competitive advantage in future commercial and strategic development.
Many major Chinese companies are subject to state influence; Chinese law requires both domestic and foreign firms to maintain Communist Party committees, reinforcing the close ties between private industry and government priorities.
In 2015, then US President Barack Obama and Chinese President Xi Jinping reached an understanding to curb state-sponsored cyberespionage aimed at each other’s commercial secrets. That agreement corresponded with a temporary decline in such operations for a couple of years.
“By 2017 they started coming back and throughout 2018 they were back in full force. They have been very active and we expect to see that continue,” Adam Meyers, a vice president at CrowdStrike, told Bloomberg.
Targets identified in recent operations include major corporations such as Boeing, T-Mobile, and General Electric Aviation. Sensitive US military networks were also breached, with attackers obtaining information like missile plans and ship maintenance records. In December, two Chinese nationals were arrested on allegations of stealing government and military information.
Rising tensions between the US and China — including the trade dispute initiated during the Trump administration — appear to be one of the drivers behind the renewed cyber activity. Some analysts argue that Washington’s pressure on allies to restrict Chinese 5G equipment suppliers is interwoven with broader commercial and security competition.
US Secretary of State Mike Pompeo warned allies against using Huawei technology, arguing that reliance on the vendor could complicate cooperation with the United States.
Security concerns about integrating Chinese firms into Western networks persist, grounded in past incidents and strategic considerations. A recent analysis from a longstanding international defense and security think tank warned that allowing Huawei to participate in 5G deployments could be a risky decision, pointing to China’s history of using cyber operations to further state interests.
Although there was a brief lull in high-profile state-linked cyberespionage, current reporting suggests China and the United States have resumed intense, covert cyber competition.
(Photo by Alondra Olivas on Unsplash)
Interested in hearing industry leaders discuss topics like this and learn from their experiences? Attend the Cyber Security & Cloud Expo World Series, with upcoming events in Silicon Valley, London, and Amsterdam, to explore these issues further.