Thousands of cyberattacks against China detected in 2023 with their IP addresses being traced to the Philippines: Chinese cyber security company

By Guo Yuandan and Du Qiongfang (Global Times) 09:32, February 07, 2024

Thousands of cyberattacks against China were detected in 2023 with their IP addresses being traced to the Philippines, most of which were unsuccessful, the Global Time learned from a Chinese cyber security company on Tuesday, contrary to the baseless accusations and unfounded speculations made by certain officials from the Philippines that China had launched a cyberattack against the Philippine government and officials.

An information and communications ministry official from the Philippines accused China of being behind a hacking operation targeting the Philippine government website and email systems, Reuters reported on Tuesday.

In response to the Philippines' accusation, the spokesperson from the Chinese embassy in the Philippines issued a statement on Monday, strongly condemning the baseless accusations and unfounded speculations.

The Chinese government consistently opposes and resolutely combats all forms of cyberattacks in accordance with laws, not allowing any country or individual to engage in illegal activities such as cyberattacks within China's territory or using Chinese infrastructure, the spokesperson said.

The spokesperson also stressed that in the absence of factual evidence, some Philippine officials and media engage in malicious speculation and baseless accusations against China, and they even link these actions to the maritime disputes between China and the Philippines. Such words and deeds are highly irresponsible, said the spokesperson.

As a matter of fact, China is the biggest victim of cyberattacks. Li Baisong, deputy director of the technical committee of Antiy Technology Group, told the Global Times on Tuesday that cyberattacks against China with their IP addresses traced to the Philippines amounted to thousands in 2023, most of which were unsuccessful.

"We found that a certain proportion of the cyberattacks came from two non-governmental hacker groups from the Philippines named Anonymous Philippines and critzone and there were also some attacks difficult to identify and trace," Li said.

Xiao Xinguang, chief software architect from Antiy company, told the Global Times on Tuesday that China has long been subjected to attacks and disturbances from various threat actors, with frequent attacks coming from Northeast Asia, the Taiwan Straits, the South China Sea and South Asia.

According to Xiao, the cyberspace is a continuous battleground in the competition for geopolitical security interests among major powers. As the security issues of the geopolitical hotspots intensify, the complexity and intensity of cyber confrontations will also escalate.

The attack organizations that Antiy company has captured, analyzed, and exposed multiple times have all originated from the direction of geopolitical security hotspots in the vicinity of China. These threat actors have distinct political and economic backgrounds, engaging in well-organized and strategically targeted attack activities with advanced persistent threat (APT).

Amid geopolitical conflicts, the most representative examples of complex cyber confrontations are shown in the Russia-Ukraine conflict and the Israeli-Palestinian conflict.

In the Russia-Ukraine conflict, operations conducted by Russia, Ukraine, NATO, and other state actors focus on military systems and critical information infrastructure. Through intrusion breakthroughs and malicious code implantation, they obtain long-term control and realize continuous information theft, as well as paralyze or disrupt the operation of critical systems, Li said.

Whereas in the Palestinian-Israeli conflict, the cyber confrontation unfolds under the background of completely unbalanced power.

The hacking group named Storm-1133 reportedly associated with Hamas claimed to have infiltrated the website of the Israeli Ministry of Defense to steal data. However, the impact of their cyberattacks on the real-world conflict is limited, and these activities by civilian organizations are generally aimed at creating more political influence.

Nevertheless, the Israeli intelligence agency possess highly advanced attacking capabilities and consistently conducts cyberattacks and penetrations against neighboring countries. Its cyber intelligence capabilities play a crucial role in supporting their strategic intelligence capabilities.

Compared to other cases, the cyberattacks in the Russia-Ukraine conflict are characterized by their long-term, sustained, and strategically valuable nature within the context of great power competition and geopolitical considerations. The cyber domain in this conflict has clearly taken on attributes of a battleground.

Both experts think that with the accelerated global digital transformation, everything from the economy and society to military systems operates on a digital basis, so that cyber warfare will become the most asymmetric, covert, and revolutionary form of warfare, to which we must remain vigilant and establish robust strategic defense and tracing capabilities.

(Web editor: Tian Yi, Zhong Wenxing)


Related Stories