Question of the Fortnight
Who should we fear more - Russian or Chinese hackers?
On the face of it, this question looks easy to answer. In mid-october Russia’s deputy foreign minister Oleg Syromolotov said Britain has been his country’s enemy “since Ivan the Terrible”, nearly 500 years ago, and Moscow would launch a “severe” response if attacked.
His comments came in response to 5,000 British troops simulating cyberwarfare against the Kremlin, preparing for the possibility of a Russian attack against the West. Tensions have heightened since startling allegations from the UK, US and Netherlands that Russian hackers targeted anti-doping agencies, a US nuclear company, the global chemical weapons watchdog and Fifa. Surely Russia represents the greatest danger?
But China is actually responsible for more cyber-attacks worldwide. Researchers at Crowdstrike, which provides cyber-security for half the world’s 20 biggest multinational companies, say China has overtaken Russia as the most prolific country targeting companies, government departments, think tanks, international organisations and universities.
They said China has become “a bigger threat” after a reorganisation of the country’s People’s Liberation Army (PLA) effectively put hacking in the hands of individual computer experts.
The White House claims that China is attempting to meddle in the US mid-term elections, which will be held in November. FBI director Christopher Wray said the country “represents the broadest, most complicated, most long-term counterintelligence threat we face”.
He added: “Russia is in many ways fighting to stay relevant after the fall of the Soviet Union. They’re fighting today’s fight. China is fighting tomorrow’s fight.”
But security experts say China’s motives are more commercial than political - it wants to steal business secrets, such as patents for new technology, not spread fake news or damage national infrastructure.
Its top target is technology companies, specifically those specialising in biotech, which is the use of biological processes to make products in areas like medicine, farming and food production.
In 2017 the UK’S National Cyber Security Centre, working with BAE Systems and Pricewaterhousecoopers, identified a group of Chinese hackers called APT10 that attacked IT firms running operations for large British companies. The hackers built their own malware to infect systems, and infiltrated companies by sending spear-phishing emails to staff.
These hacks are serious for the companies targeted, but attacks on national infrastructure - as plotted by Russia - would cause more damage, and potential loss of life. UK authorities are taking the threat extremely seriously.
In January, Defence Secretary Gavin Williamson warned that Russia is planning an attack that could “kill thousands and thousands” and plunge the country into “chaos”.
As relations deteriorated following the poisoning of Sergei Skripal in Salisbury, GCHQ said it would “continue
to expose Russia’s unacceptable cyber behaviour”. It feared retaliation for the UK expelling 23 Russian diplomats who the Government called “undeclared intelligence officers”.
There’s a growing acceptance that Russia’s actions are dragging the world into a new cold war, fought by hackers in cyberspace rather than soldiers on the ground.
The UK’S Chief of the Defence Staff, General Sir Nick Carter told Sky News: “Russian espionage, Soviet espionage, has never stopped. It’s deeply embedded in Russia’s DNA to use the capabilities that it has to disrupt our nations, to pursue their own national interest, to, as it were, reinforce Putin in power”.
For now, all eyes are trained on Moscow. More evidence of attacks is sure to emerge. But China is playing a longer game, hacking companies to build economic strength for decades to come. The West must be prepared to defend both fronts.
Russian espionage, Soviet espionage, has never stopped. It’s deeply embedded in Russia’s DNA