The Author is Former Director General of Information Systems and A Special Forces Veteran, Indian Army

US officials found suspected Chinese malware across several military systems, which according to experts is quite different, in that, unlike previous attacks this malware is likely to disrupt operations rather than undertake mere surveillance, as reported in New York Times last month. According to the news report, the attacks first came into the public eye in May after Microsoft identified the malicious code in telecommunications software in Guam, where the US houses the Andersen Air Force Base.

US officials told media that investigations into Chinese malware had been underway for several months prior and that the malicious code has infiltrated US military systems across the country and abroad. According to George Barnes, Deputy Director of US National Security Agency, "China is steadfast and determined to penetrate our governments, our companies, and our critical infrastructure." This new wave of malicious code has the ability to disrupt US military and civilian operations.

Experts reveal a concerning shift in Chinese cyber tactics as suspected malware targets US military systems, designed to disrupt operations rather than mere surveillance.

According to CNN, US Secretary of State Antony Blinken had raised the issue of Chinese hacking while meeting Chinese diplomats in Indonesia during July 2023. A senior State Department official referring to Blinken's meeting said, "We have consistently made clear that any action that targets US government, US companies, American citizens, is a deep concern to us and that we will take appropriate action to hold those responsible accountable and the Secretary made that clear again."

According to US media, the malware could allow China to cut off power, water, and communications to military bases in the event of conflict, as it could also potentially impact personal homes and businesses across the country. Rob Joyce, Director of Cyber-security at the US National Security Agency, called the nature of this malware "really disturbing." The Chinese malware revelations echo a pattern of recent breaches by China-based hackers.

A series of sophisticated cyberattacks by China-based hackers exposes weaknesses in US agencies, including the State Department, Commerce Department, and federal organisations.

Recently, the email account of Nicholas Burns, US Ambassador to China was hacked. Earlier, Microsoft and the White House confirmed that China-based hackers breached email accounts at two dozen organisations, including some federal agencies. The Joe Biden administration believes the hacking operation (which Microsoft believes was launched in mid-May) gave the Chinese government insight about the US thinking heading into Antony Blinken’s trip to Beijing in June. Among the agencies targeted were the State Department and the Department of Commerce, which has sanctioned Chinese telecom firms. US officials and Microsoft analysts initially had trouble identifying how the hackers got into the email accounts, which made clear that they were dealing with a sophisticated hacking team.

China’s cyber prowess is well established. China can be expected to launch cyber attacks on the critical infrastructure in the event of conflict, not only power, water and communications to military bases, but also pipelines, railways, ports and aviation systems to impede mobilisation, movement and deployments. Connected networks, as part of highly connected digital ecosystems are ideal targets for cyber attacks since attack on any ecosystem, civil or military, would shatter the confidence, which is the mainstay of cohesion. India has been experiencing Chinese cyber attacks periodically. However, discovery of this new Chinese malware present in US systems to disrupt operations is a new development, which needs to be taken note of. Apparently, the malware lies dormant in the system until activation, which may or may not lead to its discovery.

Chinese hackers target sensitive data from global manufacturing and technology firms, aligning with the nation's strategic economic plan to secure data for technological advancement.

Additionally, US officials and cyber-intelligence analysts point to China’s “Made in 2025” plan for achieving economic dominance; a rubric for the types of companies whose data Chinese hackers have targeted. Chinese government-linked hackers have attempted to steal sensitive data from some three dozen manufacturing and technology firms in the US, Europe and Asia. According to the Boston-based security firm ‘Cybereason’, Chinese hackers targeted blueprints for producing materials with broad applications to the pharmaceutical and aerospace sectors. The firm discovered the activity only last year but said the hacking campaign dates to at least 2019, and that reams of data could have been stolen in the interim.

Adam Meyers, Senior Vice President of intelligence at the cyber-security firm ‘CrowdStrike’ says, “In 2016, we started to see a major shift in Chinese intrusion operations to groups that are now associated with the Ministry of State Security. China’s global cyber-espionage campaigns have increasingly targeted big repositories of valuable data such as telecom and internet service providers, rather than single organisations. I think that they’ve really upped their game in terms of going after broader infrastructure, so it’s more difficult to really pinpoint that they were doing economic espionage.”

Neighbouring Pakistan's alleged use of Israeli cyber-technology tools raises concerns of cross-border espionage and surveillance, casting a wider shadow over regional security

Another development in India’s immediate neighbourhood is that Pakistan’s Federal Investigation Agency and various police units in the country have been using cell-phone hacking technology tools - products produced by the Israeli cyber-technology firm ‘Cellebrite’ since at least 2012. Pakistan has no relations with Israel and Pakistani passports are valid for all countries but not recognised by Israel. Pakistan reportedly procured the cell-phone hacking technology tools from Cellebrite via Singapore. This would be in use to spy on Indians.