| Category | Details |
|---|---|
| State Actors | People’s Liberation Army (PLA), Ministry of State Security (MSS), Ministry of Public Security (MPS) |
| Cyber Operations Attribution | Since 2021, most operations attributed to China are linked to MSS, with a decrease in PLA-linked activities post-2015 PLA reform |
| Autonomy of MSS & MPS | Provincial departments of MSS and MPS enjoy a large degree of autonomy in cyber operations and rely on private companies for outsourcing offensive capabilities |
| Role of Civilian Actors | Patriotic hackers were initially involved in hacktivist campaigns and later integrated into state-sponsored operations, contributing to the development of malware |
| Hacktivism to Professionalization | After 2002, patriotic hackers stopped hacktivism and became professionalized, with many working in private companies and engaging in parallel activities like cybercrime |
| Hack-for-Hire Ecosystem | Leaks from I-SOON revealed that state actors subcontract cyber offensive services, with provincial and city-level outsourcing being common |
| Private Companies’ Involvement | Tech giants and smaller companies (e.g., I-SOON) provide cyber offensive capacities, with some offering niche digital services |
| MSS’s Role in Offensive Operations | MSS collects vulnerabilities from researchers and companies, which are then weaponized for use in state-sponsored operations |
| State & Private Cooperation | Chinese APTs likely involve collaboration between private and state actors, rather than being strictly associated with a single unit |
| Report Objective | The report provides an overview of China’s offensive cyber ecosystem, key actors, and their relationships, based on Sekoia’s analysis, open-source reports, and expert interviews |
| Acknowledgements | Special thanks to Ivan Kwiatkowski, Dakota Cary, and Eugenio Benincasa for their insights into the subject |
Read full article:https://blog.sekoia.io/a-three-beats-waltz-the-ecosystem-behind-chinese-state-sponsored-cyber-threats/
Disclaimer: The above summary has been generated by an AI language model
Leave a Reply