Microsoft's recent "Microsoft Digital Defense Report 2023" indicates that China, and not only the United States, is suspected of engaging in cyber espionage operations against various countries in the Asia-Pacific region.
The nations being targeted include key trading partners like Indonesia. The report indicates that China’s state-sponsored campaign is a reflection of the Chinese Communist Party’s dual goals of extending global influence and gathering intelligence.
Moreover, Chinese cyber threat actors are actively conducting cyber operations worldwide, affecting both private and public entities.
They are also using the Belt and Road Initiative (BRI) to expand their global influence. These operations often focus on countries aligned with the Chinese Communist Party’s BRI strategy, including Malaysia, Indonesia, and Kazakhstan, according to Microsoft.
Microsoft has revealed that much of the gathered intelligence pertains to countries dealing with the South China Sea.
Primary Chinese threat groups
In the Asia-Pacific region, the primary Chinese threat groups are known as Raspberry Typhoon and Flax Typhoon.
Raspberry Typhoon primarily targets government ministries, military entities, and corporate entities linked to critical infrastructure, particularly in the telecommunications sector within the Association of Southeast Asian Nations.
They employ sophisticated spear-phishing campaigns to deploy their malware and have been persistently targeting ministry-level entities related to trade, intelligence, and finance since January.
Flax Typhoon, by contrast, focuses on critical infrastructure in Taiwan, such as IT and medical-related entities, as well as media entities and the defense sector, including contractors working with the US government.
Flax Typhoon collects information about its targets, identifies vulnerabilities, and uses a custom VPN solution to gain access and maintain a presence in victim networks. These attacks are primarily geared towards intelligence gathering.