China has become one of the prime targets for hackers, thanks to limited availability of encryption and security resources. The most common perception of Chinese hackers is that of state-backed operatives targeting foreign governments, which in some cases may be accurate. However, both the government as well as businesses in China are plagued by cyberattacks, costing the nation billions of dollars every year.
According to Zheng Bu, a former executive at cybersecurity firm FireEye, there exists a 400,000-strong criminal hacker community in China and its proliferate activities is costing the country around 100 billion yuan ($15bn, £11.5bn) every year.
A 2016 PwC survey conducted on around 330 CEOs and IT directors of both foreign and domestic companies operating within China and Hong Kong revealed a disturbing increase in cyberattacks involving malware, ransomware, stolen data and more. Respondents reported a 417% year-over-year increase in “detected security incidents”.
“There is a large criminal ecosystem in China,” said FireEye Asia-Pacific CTO Bryce Boland, Bloomberg reported. Given the current widespread government restrictions on security technology, which China’s proposed cybersecurity bill is slated to expand further, businesses and individuals are believed to be struggling to combat cyber threats.
Accessing data in China is like “buying cabbage”
According to PwC, the customer databases are one of the most lucrative targets for hackers. China’s increasing dependence on mobile payment services like WeChat Wallet and Alipay may be making it an attractive target for hackers looking to make a quick buck. Readily available public Wi-Fi, popularly used by Chinese consumers can also offer hackers avenues for easy access to data.
“Most people don’t check who is the real administrator of a public Wi-Fi connection,” said Mangesh Fasale, a malware analyst at security firm F-Secure. “Hackers in China often make decoy Wi-Fi access points, and if you connect to them, they can access whatever is on your phone.”
One hacker, who leaked personal information of top officials of the Communist Party as well as high-profile businessman, including Wanda Group CEO Wang Jianlin and his son, boasted about how easy it is for someone to access sensitive and personal information in China. “It’s easy to figure out anybody’s information, whether you’re a government official or a celebrity,” the anonymous hacker tweeted. Getting the common people’s data is like buying cabbage.”
50% hacks are inside jobs
According to PwC, 50% of institutional hacks were inside jobs. “Usernames, ID card information, credit card details — it’s very common for all this data to be stolen,” said Kenneth Wong, PwC’s cybersecurity head for China and Hong Kong. “There have been many incidents where people have gone to websites or trade shows and registered their personal information, and soon after, they will find all their ID information has been leaked online.”
According to Lester Ross, a partner in Beijing’s law firm WilmerHale, hackers targeting China have two main objectives. “First, to extort, to force a company or individual to pay money in order to resolve a problem. And second, to extract proprietary information to benefit somebody else, possibly another company or the government.”
Future uncertain for China’s cybersecurity
China’s new proposed cybersecurity law, which has already been reviewed twice and could come into effect by the end of 2016, could impose further restrictions on already limited security technology. The bill would obligate both domestic and foreign firms operating within China to host corporate data, including sensitive user data, exclusively on Chinese servers. The bill would also require the hardware, network equipment and other services to be first accredited by local authorities, before being either used or sold in China.
“China is trying to have more control over cybersecurity technology, which is not something that’s ever done to increase the quality of cybersecurity,” said SANS Security director John Pescatore. “It’s always done so that a government can maintain its access through the technology.”