China Faces Surge in Cyberattacks Targeting Key Sectors in 2024

China Faces Over 1,300 Advanced Cyberattacks in 2024

Over 1,300 advanced persistent threat (APT) attacks targeted 14 key sectors in China during 2024, primarily government agencies, education, scientific research, national defense, and transportation.

13 APT organizations, originating from South Asia, Southeast Asia, East Asia, and North America, were responsible for these attacks. Their motives included stealing sensitive data, conducting strategic sabotage, and serving political, military, or economic interests.

Chinese government agencies were the primary target, with functional units related to diplomacy, maritime affairs, and transportation management being particularly vulnerable. APT organizations also targeted the education sector, focusing on institutions specializing in national defense, military industry, international relations research, and technology.

The report highlighted the increasing targeting of China's new-energy vehicle industry and the shift towards attacking domestic software systems as a breakthrough point for APT organizations.

Among the most active APT organizations were APT-C-01 (Poison Ivy) from East Asia and APT-C-00 (Ocean Lotus) from Southeast Asia. Two new organizations, APT-C-70 (Rhino Unicornis) from South Asia and APT-C-65 (Golden Pothos) from East Asia, were also identified.

The report also revealed extensive use of 0day vulnerabilities by APT-C-39 (CIA) in cyber espionage operations against China and other nations.

The rapid advancement of large AI models in cyberspace brings both technological breakthroughs and regulatory challenges, requiring careful consideration to ensure their safe and responsible development.