Lithuania warns that China has ramped up espionage & cyber campaigns in this year’s National Threat Assessments. Cybersecurity and Digital Safety specialists benefit from studying and reflecting on other countries’ national threat assessments. The problem is selecting one that best matches the resources and capabilities that are more closely aligned with most of the world. You cannot compete with the resources from the Five Eye Countries (Aotearoa/New Zealand, Australia, Canada, United Kingdom, and United States). Fortunately, countries like Lithuania publish in-depth analyses of their National Threat Assessments detailing various concerns.
Take a pause and pull down Lithuania’s 2024 National Threat Assessments.
A tool to understand China’s threat actor complexity
I am always exasperated when I hear “high-level officials” and peers in the cybersecurity community talk about “the China threat” as one prominent monolithic threat actor. This frame of reference is the same bias that led to the 1941 Pearl Harbor attack being a surprise. China has multiple threat actors, each with its own commissioned and internal power play agendas. They compete with each other. They are huge. They have different industries, universities, and commercial operations supporting them. If you think it is “China,” you are missing potential intentions behind the incident. Lithuania’s 2024 National Threat Assessment has provided everyone in the cybersecurity community with a valuable illustration of the complexity and interest of the multiple Chinese threat actors:
Read through the report, highlight the various Chinese threat actors, and start looking for other sources that explore the complexity.
If some cyber security expert comes to you talking about the “China Threat,” ask them, “Which one?” Get them to go into details. For example, ask whether it is the People’s Liberation Army (PLA), State Secure, or Public Security. Then, ask if it is a commercial contractor or commissioned agent. All of these are factors in how you take action to counter their work.
What to learn more? Start with Booze Allen and Hamilton’s China’s Cyberattack Strategy Explained. The report provides a breakdown of the threat actors’ complexity, depth, and breadth.
Source: Booze Allen and Hamilton’s Chain’s Cyberattack Strategy Explained.
What is your next step?
Pull down and read Lithuania’s 2024 National Threat Assessment & Booze Allen and Hamilton’s China’s Cyberattack Strategy Explained. Combining the two would help you grasp the multiple vectors of interest from China’s “official” threat actors. If interested, watch the Beyond Espionage & Influence: China’s Cyberattack Strategy Webinar.
Are you looking for low-cost & effective cyber security & resiliency?
Do your homework before spending $$$ on vendor solutions that try to match many of the public benefit cybersecurity tools. Reach out to a community with decades of experience who seek to help organizations minimize their cybersecurity risk through essentials that leverage public benefit services (i.e. Shadowserver).
- Subscribe to the Senki Community Mailing List. Stay connected to Surfing Cybersecurity practical advice and critical “do this now” operation security recommendations by email.
- Subscribe to Senki’s YOUTUBE Channel for videos on this and other security topics.
- Ask questions to Barry Greene – bgreene@senki.org
The materials and guides posted on www.senki.org here are designed to help organizations leverage the talent around them to get started with their security activities. Start with the Operator’s Security Toolkit and Meaningful Security Conversations with your Vendors. Each is no-nonsense security for all Operators. It provides details to help them build more security-resilient networks. In the meantime, stay connected to the Senki Community to get updates on new empowerment and security insights.