Two analysts share their insights on China cyber-threats rising to the occasion with escalating DDoS, cyber-espionage and intelligence-gathering activities

In the past, pro-China threat actors have responded to political crises involving China with cyber-attacks.

On rare occasions, Chinese state-sponsored actors have been linked to DDoS campaigns, destructive attacks, and possible probing of critical infrastructure.

With the current crisis between the USA and China over Nancy Pelosi’s Taiwan visit, the website of Taiwan’s presidential office has just been the target of an overseas cyber-attack. With tensions rising, there may be more attacks as Chinese cyber-espionage groups attempt to learn more about what political leaders are thinking and planning to do.

According to CK Chim, Field Chief Security Officer (APAC), Cybereason, it will not be surprising at all to see DDoS attacks surface against the Taiwanese government since this form of attack is “both a fast and go-to tool for quick results and a normal ingredient to accompany more serious and invested attacks. While DDoS attacks can do real damage, it is often described as the ‘poor man’s attack’ since it can be staged relatively quickly, especially when leveraging an existing botnet or DDoS-as-a-Service.”

Chim reminds us: “Public and private sector organizations can combat DDoS attacks by preparing ahead of time: ensuring redundancy in network connectivity and having mitigation strategies ready. Do not just prepare for volumetric attacks (there are more kinds of DDoS than simple floods): drill in peacetime, and prepare for contingencies.”

Meanwhile, John Hultquist, Vice President of Intelligence Analysis, Mandiant, noted that other forms of cyber-threat activity has already been observed: “Two Chinese information operations we track have shifted their narratives in recent days to a focus on US House Speaker Pelosi’s expected visit and the supposed dangers of the situation. We anticipate that Chinese (threat) actors are also carrying out significant cyber-espionage against targets in Taiwan and the US to provide intelligence on the crisis.”