Law Enforcement

Answer

Supporting Evidence

Taiwan receives internet attacks from China very often, especially those on the websites, internet services or database of the public sectors. In August 2020, Investigation Bureau announced that, the Chinese hacker groups have been penetrating the internet services of government institutes and their information services providers. They specifically target the providers receiving government bids as they are usually in charge of the development and maintenance of important information systems. They would serve as the springboard to the government's services to steal the confidential and personal information.

1. https://www.mjib.gov.tw/news/Details/1/624
2. https://www.ithome.com.tw/news/139504

Answered by Lee Penghsuan, and has been reviewed by Chen Yu-jie

Answer

Supporting Evidence

1. https://archive.ph/hizgI
2. https://archive.ph/CVsBR
3. https://archive.ph/wip/BgVCo
4. https://archive.ph/wip/44T4w
5. https://archive.ph/wip/k1yjh

Answered by Nathan Attrill, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

See below.

1. https://www.zdnet.com/article/hacker-group-behind-singhealth-data-breach-identified-targeted-mainly-singapore-firms/
2. https://www.channelnewsasia.com/news/singapore/singhealth-hack-whitefly-cyber-espionage-group-symantec-11317330
3. https://www.todayonline.com/singapore/mindef-internet-system-hacked-personal-data-850-personnel-stolen
4. https://www.straitstimes.com/singapore/healthcare-training-provider-hmi-institutes-server-infected-by-ransomware
5. https://www.channelnewsasia.com/news/singapore/singtel-assessing-hack-data-breach-third-party-file-system-14168814
6. https://www.channelasia.tech/article/686732/singapore-airlines-warns-frequent-flyer-members-third-party-data-breach/
7. https://www.zdnet.com/article/singapore-airlines-customer-logs-into-account-sees-strangers-personal-data/
8. https://mustsharenews.com/data-breaches-singapore/
9. https://www.ft.com/content/4443da60-6d90-4d27-b300-b0896425f99f
10. https://www.straitstimes.com/singapore/more-than-1500-singpass-accounts-could-have-been-accessed-illegitimately-ida
11. https://www.bbc.com/news/world-asia-44900507
12. https://www.channelnewsasia.com/news/singapore/singapore-investor-watchdog-sias-uncovers-personal-data-breach-10562884
13. https://www.straitstimes.com/tech/tech-news/nearly-400-servers-here-at-risk-from-global-microsoft-hack
14. https://www.channelasia.tech/article/659206/singapore-government-credentials-found-dark-web/
15. https://www.channelnewsasia.com/news/technology/login-details-of-singapore-government-email-accounts-found-in-11366204
16. https://www.zdnet.com/article/axa-insurance-data-breach-hits-5400-customers-in-singapore/
17. https://www.forbes.com/sites/thomasbrewster/2021/06/10/are-the-fbis-most-wanted-chinese-spies-hacking-the-airline-industry/?sh=6fd61def237d

Supplementary Notes

Contacts in the tech and security industry report regular probes of Singapore cybersystems by suspected PRC-backed entities. There has been no smoking gun or official assigning of culpability by the Singapore state, however.

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

1. https://portal.andina.pe/edpespeciales/2018/ciberataques-peru/index.html
2. https://web.archive.org/web/20220322080408/https://cdn.www.gob.pe/uploads/document/file/911157/Alerta_integrada_de_seguridad_digital_N__086-2020-PECERT.pdf

Supplementary Notes

According to Peruvian government press sources, in 2017 Peru ranked number 1 in Latin America for being a victim of the cybercrime called "ransomware" (data hijacking). In addition, on the report named "Integrated Digital Security Alert" issued by the Peruvian government (LINK 2 page 5 of 14), it was identified that there are at least 10 threat actors (such as "malware") all connected to China, dedicated to espionage activities that use Plug X, as a toll to cause destruction and damage to the business sector and the community.

Answered by 2 anonymous experts, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

See below link.

1. http://www.newdaily.co.kr/site/data/html/2020/10/07/2020100700155.html

Answered by 1 anonymous expert, and has been reviewed by PSA Team

Answer

Supporting Evidence

See below link.

1. https://www3.nhk.or.jp/news/html/20210420/k10012984761000.html

Answered by Maiko Ichihara, and has been reviewed by PSA Team

Answer

Supporting Evidence

See below link.

1. https://www.securityweek.com/china-linked-cycldek-hackers-target-vietnamese-government-military

Answered by Alexander Vuving, and has been reviewed by PSA Team

Answer

Supporting Evidence

See below links.

1. https://www.nytimes.com/2020/09/16/us/politics/china-hackers.html
2. https://www.reuters.com/article/us-cyber-solarwinds-china-exclusive/exclusive-suspected-chinese-hackers-used-solarwinds-bug-to-spy-on-u-s-payroll-agency-sources-idUSKBN2A22K8
3. https://www.justice.gov/opa/pr/two-chinese-hackers-working-ministry-state-security-charged-global-computer-intrusion

Answered by 1 anonymous expert, and has been reviewed by PSA Team

Answer

Supporting Evidence

1. https://www.manilatimes.net/2017/05/25/news/national/china-vietnam-behind-cyber-attacks-ph-asia/329196
2. https://manilastandard.net/business/economy-trade/347961/cyberattacks-from-china-threaten-ph-economic-interests.html

Supplementary Notes

The Philippines already filed about 60 diplomatic protests against China under the Duterte administration. Cyberattacks from China along with its growing business influence and military presence in the Philippines are posing a threat to the Philippines’ economic interests. The main concern of Senator Grace Poe is the government’s questionable capability to counter Chinese cyberattacks especially with the new DITO Telecom operating in the country which is co-owned by a Chinese national

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Winnti, others prior to it, and more recently the Hafnium attack of March 2021 (by the MSS). In Hafnium alone reportedly 90,000 German companies were targeted. Economic espionage is a major problem for Germany that the country is doing little about.

1. https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Answered by Didi Kirsten Tatlow and Yu-Fen Lai, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

The Czech MFA has been targeted by PRC-linked hackers for years.

1. https://www.irozhlas.cz/zpravy-domov/nukib-narodni-urad-pro-kybernetickou-a-informacni-bezpecnost-rusko-cina_1909251420_dok

Answered by Tobiáš Lipold and 1 anonymous expert, and has been reviewed by Martin Hála

Answer

Supporting Evidence

The UK’s Foreign Office network was breached in 2003 by Chinese-linked hackers. In 2022 another breach of the FCDO occurred but it is not clear whether this was linked to China. In 2020, there was a reported increase in opportunistic but state-led Chinese cyber attacks on UK companies including technical companies focussing on patient data as well as a major social care company. The attacks reportedly aim to steal information that could be of benefit to the Chinese government. In 2022. The Times and Sunday Times were also hit by a cyber attack, thought to be linked to China. This included the emails and documents of some employees and journalists. In 2021, there were also reports that British MPs (in particular those more critical of China and the CCP) had been the target of at least one successful cyber intrusion and have had a MSS cyber attack launched against them.

1. https://www.bbc.co.uk/news/technology-60309335
2. https://www.wired.co.uk/article/china-coronavirus-hacking-uk-us
3. https://www.thetimes.co.uk/article/the-times-and-sunday-times-hack-linked-to-china-mmlp0cg9h
4. https://www.smh.com.au/world/europe/china-cyberattack-on-british-mps-exposed-20210720-p58bgy.html

Answered by 1 anonymous expert, and has been reviewed by Martin Thorley

Answer

Supporting Evidence

1. https://www.wionews.com/world/chinese-cyber-threat-dragon-is-targeting-indian-telecom-and-defence-392350
2. https://inc42.com/features/the-anatomy-of-cyberwarfare-is-india-ready-to-take-on-china/

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

1. https://www.theguardian.com/technology/2022/apr/01/china-accused-of-launching-cyber-attacks-on-ukraine-before-russian-invasion

Supplementary Notes

Investigation claims that more than 600 websites, including Ukraine’s defence ministry, were subjected to thousands of hacking attempts coordinated by the Chinese government prior to Russian war against Ukraine

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

1. https://eenvandaag.avrotros.nl/item/aivd-honderden-cyberaanvallen-door-rusland-en-china/
2. https://www.volkskrant.nl/nieuws-achtergrond/chinese-staatshackers-drongen-binnen-bij-nederlandse-overheid-dankzij-wereldwijd-citrix-lek~b27bb767/
3. https://www.reuters.com/article/us-eu-cyber-idUSKBN2AY0F1

Supplementary Notes

In an interview in 2017, the head of the Dutch intelligence services claimed there had been 'hundreds' of cyber attacks from China, Russia and Iran on Dutch government organizations and companies. Chinese state hackers conducted a hack on government services in 2021. The issue is becoming increasingly serious

Answered by 1 anonymous expert, and has been reviewed by Sorin Ionita

Answer

Supporting Evidence

1. https://archive.ph/wip/jijbw
2. https://archive.ph/wip/VKiNy
3. https://archive.ph/wip/mqidB

Answered by Nathan Attrill, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Though there are not many recorded/reported instances of PRC-initiated cyberattacks, ones that are reported are relatively significant – affecting major outcomes in Indonesia (e.g. elections, information on national security through attacks on ministries of foreign affairs, science, and technology). This PRC-initated gathering and manipulation of geo-political intelligence is significant to the interests of Indonesia.

1. https://www.bloomberg.com/news/articles/2019-03-12/indonesia-says-poll-under-attack-from-chinese-russian-hackers
2. https://www.nytimes.com/2020/05/07/world/asia/china-hacking-military-aria.html
3. https://www.cnbc.com/2020/05/07/chinese-hacking-group-naikon-reportedly-spying-on-asia-governments.html

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

October 2020. U.S. government officials revealed that suspected Chinese hackers were behind a series of attacks on entities in Russia, India, Ukraine, Kazakhstan, Kyrgyzstan, and Malaysia. Link

1. https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents

Supplementary Notes

We assume there might be more attacks, but the information is not public.

Answered by Tatiana Sedova, and has been reviewed by Ani Kintsurashvili

Answer

Supporting Evidence

1. https://www.theverge.com/2018/1/29/16946802/china-african-union-spying-hq-cybersecurity-computers-backdoors-espionage
2. https://www.reuters.com/article/ethiopia-african-union-cyber-exclusive-idUKKBN28Q1EB

Answered by Jean Githae, and has been reviewed by Tolera Gemta

Answer

Supporting Evidence

1. https://www.standardmedia.co.ke/business/news/article/2000202822/survey-links-kenyas-cyber-attacks-to-china
2. https://www.fifthdomain.com/international/2018/08/17/china-is-hacking-countries-is-trades-with/

Answered by Mary Mutisya, and has been reviewed by Allan Cheboi

Answer

Supporting Evidence

54 incidents were assessed and found that the most common impact type was data exposure, which was also one that had increased noticeably in recent years. The most prevalent perpetrator type was found to be hacktivists, which had also exhibited a recent increase in activity. A particularly concerning trend was the recent high number of incidents of data exposure caused by error, a trend running contrary to the drive to improve cybersecurity. It was also found that of the incidents considered, 54% targeted state-owned or political entities as victims. In general, the results appeared consistent with global reported trends.

1. http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S2077-72132017000100006

Answered by Amanda Strydom, and has been reviewed by Chris Roper and Joyce Lin

Answer

Supporting Evidence

1. https://www.eleconomista.com.mx/tecnologia/Grupos-chinos-han-realizado-ciberespionaje-contra-Mexico-Mandiant-20190326-0015.html
2. https://teleinformatica.mx/2020/07/ataques-ciberneticos-provienen-de-china-y-rusia/
3. http://dnf.com.mx/ataques-ciberneticos-provienen-de-china-y-rusia/

Answered by 2 anonymous experts, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

• Chinese State-Linked Hackers in Large Scale Operation to Monitor Cambodia's Upcoming Elections, Report Says: …In a report released Wednesday, FireEye details how a well-known Chinese hacking group called TEMP.Periscope targeted opposition figures, government departments, rights defenders and media outlets. Among those compromised by the attacks was the Cambodian National Election Commission, Interior Ministry, diplomats and opposition lawmakers…. …Prominent Cambodian human rights group Licadho is named in the report as being targeted in one such attack. Naly Pilorge, director of Licadho, says the organization has dealt with more cyber attacks “in the past six months than in the past 10 years.”.. • …Any upheaval in Cambodia would be an issue for China considering their close partnership,” says Read, pointing to the recent election in Malaysia — in which the surprise outcome has caused a headache for Beijing with billions of dollars in infrastructure and construction contracts now being reevaluated…. Link • Chinese hackers breach Cambodian government ahead of country's general election Link • Chinese hackers target Cambodia opposition ahead of elections Link

1. https://time.com/5334262/chinese-hackers-cambodia-elections-report/
2. https://www.cyberscoop.com/temp-periscope-china-cambodia-government-hack-fire-eye/
3. https://www.cyberscoop.com/rancor-group-cambodia-palo-alto-networks/
4. https://www.ft.com/content/4d4482e6-84a0-11e8-96dd-fa565ec55929

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Malaysia warns of Chinese hacking campaign targeting government projects: …The purpose of the attacks has been to infect computers of government officials with malware and then steal confidential documents from government networks, Malaysia's Computer Emergency Response Team (MyCERT) said in a security advisory… Link China-linked hackers have targeted Malaysian government, officials warn Link …Malaysian Prime Minister Mahathir Mohamad, who took power after an election win in May, will be in China on Friday seeking to renegotiate and possibly cancel billions of dollars worth of Chinese-invested projects authorized by his predecessor, Najib Razak… Link Link (Xi weighs in on United Front work and the private economy; Bytedance, Oracle and Trump ; Taiwan; RMB; Shen Zhihua)

1. https://www.zdnet.com/article/malaysia-warns-of-chinese-hacking-campaign-targeting-government-projects/
2. https://www.cyberscoop.com/china-malaysia-fireeye-kaspersky/
3. https://www.reuters.com/article/us-malaysia-cyber-idUSKBN1L00X8
4. https://sinocism.com/p/xi-weighs-in-on-united-front-work

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

1. https://www.chip.com.tr/haber/cin-den-turkiye-ye-hacker-saldirisi_13971.html
2. https://siberbulten.com/sektorel/trky/cinli-hacker-grubunun-turk-devlet-kurumlarina-saldirdigi-ortaya-cikti/
3. https://www.hurriyet.com.tr/teknoloji/turkiyeye-cirkin-saldiri-12073764
4. https://www.dw.com/tr/yemeksepeti-hackerlar%C4%B1-konu%C5%9Ftu-20-milyondan-fazla-ki%C5%9Finin-verileri-elimizde/a-59893203

Supplementary Notes

Chinese hackers several times targeted websites of the Turkish Embassy in China, Turkish Foreign Ministry, other ministries, private enterprises and Turkish Uyghur groups and individuals. The reason for most of the attacks are related to China’s treatment of its Uyghur population which has close cultural, linguistic and religious links with Turkey.

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

There have been reports that China hacked the Bulgarian Foreign Ministry along the foreign ministries of other European countries. In 2021, the hacking of the system that issues covid certificates was said to have been conducted also from Chinese locations, among others.

1. https://bnr.bg/horizont/post/101545783/spored-informacionno-obslujvane-balgaria-e-obekt-na-golama-kiber-ataka
2. https://bntnews.bg/bg/a/113406-kitajski_hakeri_atakuvat_evropejski_vynshni_ministerstva

Answered by Rumena Filipova and Mirela Petkova, and has been reviewed by Matej Šimalčík

Answer

Supporting Evidence

The Belgian State Security Service (VSSE) warns of Chinese espionage targeted agains Belgian interests. However, many suspected activities are directed against the EU institutions or the NATO located in Belgium.

1. https://diplomatie.belgium.be/en/news/declaration-minister-foreign-affairs-malicious-cyber-activities
2. https://www.rtbf.be/article/la-belgique-accuse-des-pirates-chinois-de-cyberattaques-contre-la-defense-et-l-interieur-11033718
3. https://www.euractiv.com/section/politics/short_news/belgium-hacked-most-likely-by-china/
4. https://www.vrt.be/vrtnws/en/2019/11/23/belgian-trade-mission-suffers-massive-attack-in-china/
5. https://www.rtbf.be/article/cyberattaque-dune-vaste-ampleur-en-belgique-des-suspicions-despionnage-coordonne-par-un-etat-etranger-10769166
6. https://www.politico.eu/article/belgium-defense-ministry-hit-with-cyberattack/
7. https://www.scmp.com/news/world/europe/article/3039940/how-belgium-became-drawcard-spies-and-gateway-chinese-espionage
8. https://euobserver.com/world/148409

Answered by 1 anonymous expert, and has been reviewed by Alfred Gerstl

Answer

Supporting Evidence

Uncovered in spring 2013, a large-scale spying of the IT networks at the Finnish Ministry for Foreign Affairs focused on data traffic between Finland and the European Union and is believed to have continued for four years. A more recent large-scale cyberattack targeting the Finnish Parliament with the Finnish Security Intelligence Service (FSIS) revealing for the first time that the attack was of PRC origin.

1. http://yle.fi/uutiset/mtv3_large-scale_network_spying_uncovered_at_mfa/6911394
2. https://yle.fi/news/3-11843748

Answered by 2 anonymous experts, and has been reviewed by Richard Turcsányi

Answer

Supporting Evidence

There are many reports on this showing the significance, though there are not that many.

1. https://www.elperiodico.com/es/sociedad/20200918/hackers-china-datos-vacuna-espana-covid19-8117592
2. https://www.businessinsider.es/cni-revela-paises-estan-detras-ciberataques-espana-546485

Answered by Hernan Alberro, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

The official report on the Poland’s cyber security for 2020 is not available yet, therefore the cyber security threats form China were evaluated based on reports from previous years and media reports. The share of attacks from China in total number of attacks has diminished in recent years and the PRC is no longer the top source of cyberthreats. There have been also no reports about major Chinese attack targeting Polish entities during the period covered by this report. This result does not necessarily reflect the real threat from China as cyber protection in Polish enterprises especially SME is not very good and many threats or intrusions could be simply undetected.

1. https://csirt.gov.pl/cer/publikacje/raporty-o-stanie-bezpi/969,Raport-o-stanie-bezpieczenstwa-cyberprzestrzeni-RP-w-2019-roku.html
2. https://csirt.gov.pl/cer/publikacje/raporty-o-stanie-bezpi/964,Raport-o-stanie-bezpieczenstwa-cyberprzestrzeni-RP-w-2018-roku.html
3. https://csirt.gov.pl/cer/publikacje/raporty-o-stanie-bezpi/964,Raport-o-stanie-bezpieczenstwa-cyberprzestrzeni-RP-w-2018-roku.html
4. https://csirt.gov.pl/cer/publikacje/raporty-o-stanie-bezpi/958,Raport-o-stanie-bezpieczenstwa-cyberprzestrzeni-RP-w-2017-roku.html

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

1. https://www.challenges.fr/entreprise/defense/apt31-les-dessous-de-la-cyberattaque-chinoise-contre-la-france_774451

Answered by Filip Noubel, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Lithuanian intelligence agencies have been reporting on malicious use of Chinese cyber capabilities observed in Lithuania since at least 2020.

1. https://www.vsd.lt/wp-content/uploads/2020/02/2020-Gresmes-En.pdf
2. https://www.vsd.lt/wp-content/uploads/2022/04/ANGL-el-_.pdf

Answered by Konstantinas Andrijauskas, and has been reviewed by Vida Macikenaite and Linas Didvalis

Answer

Supporting Evidence

1. https://romania.europalibera.org/a/sri-suspecteaza-hackerii-care-au-atacat-spitalele-romanesti-sunt-de-origine-chineza/30012594.html
2. https://www.agerpres.ro/justitie/2019/06/21/sri-autorii-atacurilor-cibernetice-de-la-spitale-de-origine-chineza--329721

Supplementary Notes

In 2019, Health Minister Sorina Pintea announced the existence of ransomware cyber attacks on four Romanian hospitals: "Victor Babeș" - Bucharest, Huși, Dorohoi and Alba, based on reports by the Romanian Intelligence Service (SRI)

Answered by 1 anonymous expert, and has been reviewed by Sorin Ionita

Answer

Supporting Evidence

October 2020. U.S. government officials revealed that suspected Chinese hackers were behind a series of attacks on entities in Russia, India, Ukraine, Kazakhstan, Kyrgyzstan, and Malaysia.

1. https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents

Answered by Bakytbek Satybekov, and has been reviewed by Ani Kintsurashvili and Mariam Usenashvili

Answer

Supporting Evidence

In 2013, Kaspersky Lab’s Global Research & Analysis Team discovered a large-scale cyber-espionage network which they called “Red October.” It was able to infiltrate important state and non-state substructures (including diplomatic, governmental and scientific research organizations in different countries, mainly of Eastern Europe and the former USSR) and initiate an elaborate cyber-espionage even retrieving deleted files, in case they were of any interest to the creators of the virus. According to Kaspersky, evidence indicated that the cyber-espionage campaign was active starting from 2007 before being detected in 2013. Armenia made the top ten most infected list with ten cases of infection with the virus. Russia was the most attacked country with 37 cases of Red October infections. It has never been revealed who launched Red October. Security experts were able to detect traces of Russian in the coding but those could have been intentionally planted in an attempt to divert attention. Moreover, Russia was the main target of this attack. There are plausible traces indicating China’s involvement. Parts of the used technology could be linked to programs used against Tibetan activists and are assumed to be used by China's special services.

1. https://www.evnreport.com/politics/armenia-at-the-center-of-state-sponsored-cyber-attacks

Answered by Artak Kyurumyan, and has been reviewed by Ani Kintsurashvili and Mariam Usenashvili

Answer

Supporting Evidence

Check Point Research (CPR) detects an ongoing cyber espionage operation targeting the Afghan government. Attributed to a Chinese-speaking hacker group, the threat actors impersonated the Office of the President of Afghanistan to infiltrate the Afghan National Security Council (NSC) and used Dropbox to mask their activities. CPR believes that this is the latest in a longer-running operation that dates as far back as 2014, where Kyrgyzstan and Uzbekistan are also victims- Link The governments of Afghanistan, Kyrgyzstan and Uzbekistan have all been targeted by a Chinese-state-backed advanced persistent threat (APT) group, dubbed IndigoZebra, according to intelligence produced by Check Point Research (CPR)- Link

1. https://blog.checkpoint.com/2021/07/01/cyber-espionage-on-afghanistan-kyrgyzstan-and-uzbekistan-by-chinese-speaking-hacker-group/
2. https://www.computerweekly.com/news/252503401/Cyber-espionage-campaign-targeted-central-Asian-states

Answered by Farkhad Tolipov, and has been reviewed by Salome Svanidze

Answer

Supporting Evidence

There are a few reports available regarding this. But they are insignificant.

1. https://archive.dhakatribune.com/bangladesh/2021/04/02/cyber-attacks-hit-over-200-organizations-including-bangladesh-bank-btrc
2. https://www.reuters.com/article/us-usa-fed-bangladesh-philippines-idUSKCN0WP1YQ
3. https://eurasiantimes.com/china-spreads-to-india-bangladesh-and-nepal-frauds/

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Hackers known to affiliate with PRC hacked security council email network of the former Republic regime. Insignificant because of new regime.

1. https://www.voanews.com/a/east-asia-pacific_voa-news-china_chinese-hackers-attacked-afghan-council-network-cybersecurity/6207719.html

Answered by 2 anonymous experts, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Este informe revelado en abril del 2022 establece que solamente un 7% de los ciberataques que sufre el Gobierno de Costa Rica y sus instituciones provienen de China. Actualmente, el Gobierno sufre desde mayo una gran oleada de ciberataques que tienen en jaque grandes instituciones, como Hacienda y la Caja Costarricense de Seguro Social (CCSS), a través del malware Conti, con cabeza en Rusia pero que pueden venir desde una gran cantidad de localizaciones en el mundo.

1. https://delfino.cr/2022/04/informe-internacional-senala-que-gobierno-recibe-cerca-de-1580-ciberataques-semanales
2. https://bit.ly/3GTIkjE

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

1. https://tcrn.ch/3GTKf83

Supplementary Notes

Aunque no existen reportes directos en el país, pero si la sospecha en medios especializados de acciones sobre varios países incluidos el Ecuador (ver enlace 1).

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

1. https://www.iai.it/sites/default/files/iaip2152.pdf
2. https://sinopsis.cz/wp-content/uploads/2021/11/it0.pdf

Supplementary Notes

No sign that state espionate or cyber-attacks from the part of the PRC are seen as a risk. The only potential such discussion could be had surrounding the Huawei 5G discussion, which has been closed

Answered by 1 anonymous expert, and has been reviewed by Sorin Ionita

Answer

Supporting Evidence

Not really. Pakistan has suffered cyber attacks from India, but not much from China. Indian media accuses Pakistan of acting as China’s proxy against India.

1. https://www.orfonline.org/research/pakistan-emerges-as-chinas-proxy-against-india/
2. https://therecord.media/chinese-apt-groups-targeting-india-pakistan-and-more-with-sophos-firewall-vulnerability/

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Not Found

Supplementary Notes

Again not publicly available.

Answered by 1 anonymous expert, and has been reviewed by Ani Kintsurashvili and Tinatin Khidasheli

Answer

Supporting Evidence

Not Found

Supplementary Notes

No Public Evidence

Answered by Umedjon Majidi, and has been reviewed by Ani Kintsurashvili

Answer

Supporting Evidence

No evidence of this

Answered by Eromosele John Aitokhuehi, and has been reviewed by Lekan Otufodunrin

Answer

Supporting Evidence

No evidence

Answered by Christian Ngnie, and has been reviewed by Fadel Thior

Answer

Supporting Evidence

No evidence of cyber attacks directed at the Brazilian government, critical infrastructure apparatus or companies suspected of originating from the PRC was found.

Answered by 1 anonymous expert, and has been reviewed by another 2 anonymous experts.

Answer

Supporting Evidence

No reports of cyber attacks targeting government, critical infrastructure, or enterprises, that were suspected to be initiated from the PRC.

Answered by Eloisa Larrea Montaño, and has been reviewed by another 2 anonymous experts.

Answer

Not Found

Supplementary Notes

There have been recent cyberattacks to the National Directorate of Migration, but there are no reports on attacks suspected to be initiated in the PRC (Link)

1. https://www.google.com/search?q=ciberataque+a+la+direccion+nacional+de+migraciones&oq=ciberataque+a+la+direccion+nacional+de+migraciones&aqs=chrome..69i57j33i10i160l2.13919j0j4&sourceid=chrome&ie=UTF-8

Answered by 1 anonymous expert, and has been reviewed by another 2 anonymous experts.

Answer

Supporting Evidence

There are no reports/ suspicion of cyber attack initiated from China.

1. https://www.elobservador.com.uy/nota/uruguay-gasto-us-960-mil-en-resolver-ciberataques-de-alto-impacto-en-el-primer-semestre-202012315500

Answered by 1 anonymous expert, and has been reviewed by another 2 anonymous experts.

Answer

Supporting Evidence

Not Found

1. https://www.cert.gov.py/application/files/7616/1521/7981/Informe_Ciberseguridad_Paraguay_2020_-_final-2.pdf

Supplementary Notes

The main destinations from which cyber attacks come is not the PRC.

Answered by 1 anonymous expert, and has been reviewed by another 2 anonymous experts.

Answer

Supporting Evidence

There was the arrest of a suspect in Hong Kong in relation to a cyber-attack to Bank of Chile, but there is no talk of Chinese government entities.

1. https://www.24horas.cl/economia/policia-de-hong-kong-detiene-a-sospechoso-por-millonario-ciberataque-a-banco-de-chile-2793449
2. http://www.economiaynegocios.cl/noticias/noticias.asp?id=497084

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

There are no reports of this happening.

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

This is highly unlikely if not close to impossible due to the close relationship between the Venezuelan and the PRC governments.

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Not Found

Answered by 1 anonymous expert, and has been reviewed by PSA Team

Answer

Supporting Evidence

According to CNBC, cyber hacker group Naikon is targeting countries including Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar and Brunei. Link ... Spotted by Isreali cybersecurity firm Check Point, the hacker group known as "Naikon" is attacking governments in Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar and Brunei -- targeting foreign affairs, science and technology ministries with an aim to gather "geo-political intelligence,"… Content from the Kaspersky also supports this group. Link Presence of Chinese hackers in Thailand and some of their illegal activities are found on the net. But cyber-attack targeting govt etc. is not found. As part of the campaign, different groups of Chinese hackers have compromised telecoms operators in countries including Turkey, Kazakhstan, India, Thailand and Malaysia, the four sources said. Those countries are frequently used as transit routes by Uighurs to travel between Xinjiang and Turkey in what human rights activists say is an attempt to escape state persecution. Link Chinese hackers using Thailand as a base nabbed Link

1. https://www.cnbc.com/2020/05/07/chinese-hacking-group-naikon-reportedly-spying-on-asia-governments.html
2. https://www.kaspersky.com/resource-center/threats/naikon-targeted-attacks
3. https://www.reuters.com/article/us-china-cyber-uighurs-idUSKCN1VQ1A5
4. https://www.nationthailand.com/in-focus/30379819

Answered by 2 anonymous experts, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Not in the given time-frame.

Supplementary Notes

“It has been claimed that the cyberattack against the Estonian Ministry of Foreign Affairs was part of a wider Ke3Chang operation aimed at the foreign ministries of several EU member states that began in 2010 but reached its zenith in 2013-2014.” Link

1. https://news.postimees.ee/6771074/chinese-intelligence-increasingly-setting-sights-on-estonia

Answered by Frank Jüris, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

There are no official (publicly available) security or intelligence reports on this issue in Bosnia and Herzegovina.

Answered by Tobiáš Lipold, Amina Celikovic, Selma Asceric, Darko Brkan, Emir Velic, Semir Dzebo, Aldin Karahasanovic and Emir Muric, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

No Evidence Found.

Answered by 1 anonymous expert, and has been reviewed by Ani Kintsurashvili

Answer

Supporting Evidence

No Evidence Found.

Answered by 1 anonymous expert, and has been reviewed by Ani Kintsurashvili

Answer

Supporting Evidence

No Evidence Found.

Answered by 1 anonymous expert, and has been reviewed by Ani Kintsurashvili

Answer

Not Found

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Not Found

Answered by Edval Zoto, and has been reviewed by another 1 anonymous expert.

Answer

Not Found

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

"Latvia's Ministry of Foreign Affairs (MFA) said July 19 it was concerned by "malicious cyber activities targeting and affecting democracy, security and economies of the EU Member States and our allies and partners, both at the state level and the level of private entities and institutions"."- Link Additionally, attack on Latvian cyber space has not been identified.

1. https://eng.lsm.lv/article/society/crime/latvia-calls-on-china-to-stick-to-international-cyberspace-rules.a413570/

Answered by Una Berzina-Cherenkova, and has been reviewed by Salome Svanidze

Answer

Supporting Evidence

No Available data on this question

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

There has been attempted hacking on the government of ghana website but its origin is unknown

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Not Found

1. http://www.xinhuanet.com/english/africa/2020-07/20/c_139227235.htm

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Interview with the director of information service at the Gambian Ministry of Information indicate this is yet to happen in the Gambia.

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

The PRC has usually clung to the mantra that it will be close to any Zambian government

Answered by 2 anonymous experts, and has been reviewed by another 1 anonymous expert.

Answer

Not Found

Answered by Filip Noubel, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

NA

Supplementary Notes

There is no evidence that suggest otherwise.

Answered by 2 anonymous experts, and has been reviewed by Kristína Kironská

Answer

Not Found

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Not Found

Answered by 2 anonymous experts, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

Si bien el número de ciberataques aumentó durante la pandemia no se ha podido identificar a China como el país de procedencia.

1. https://bit.ly/3lYUC0A
2. https://bit.ly/38Tapv5

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

If cyberattacks happen in Moldova, they are usually traced back to Russia or non-affiliated hackers

Answered by Eugen Muravschi, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

No Evidence Found.

Answered by Gubad Ibadoghlu and Vusal Guliyev, and has been reviewed by Ani Kintsurashvili

Answer

Supporting Evidence

No evidence found.

Answered by 1 anonymous expert, and has been reviewed by Salome Svanidze

Answer

Supporting Evidence

No such incident occurred.

Answered by Hernan Alberro, and has been reviewed by another 1 anonymous expert.

Answer

Supporting Evidence

1. https://www.diepresse.com/598953/chinesen-hacken-oesterreichs-aussenministerium

Supplementary Notes

There are no public report of such incident in recent years. Currently, Russia is the more likely source of such attacks. However, the potential source is never publicly mentioned. Earlier in 2010 the Austrian MFA reported a cyberattack, which it suspected to have come from China.

Answered by 2 anonymous experts, and has been reviewed by Alfred Gerstl

Answer

Answered by 2 anonymous experts, and has been reviewed by Richard Turcsányi

Answer

Supporting Evidence

1. https://blog.talosintelligence.com/2022/05/mustang-panda-targets-europe.html
2. https://www.welivesecurity.com/2022/03/23/mustang-panda-hodur-old-tricks-new-korplug-variant/

Supplementary Notes

The Chinese hacker group "Mustang Panda" has attacked many countries around the world in 2022, including Greece. Mustang Panda has attacked not only governments but also NGO and other private sectors. It is not clear whether it was the Greek government or some other organization that was attacked.

Answered by 1 anonymous expert, and has been reviewed by another 1 anonymous expert.