More than half of computer malware attacks in China from overseas entities in 2019 originated in the US, according to data from a government-affiliated cybersecurity team.

 

The total amount of computer malware attacks captured by the National Computer Network Emergency Response Technical Team (CNCERT) was over 62 million in 2019, and around 53.5% of foreign attacks were from the US, lower than a year before when there were in excess of 100 million incidents, the Team said.

 

Russia and Canada were the second and third largest contributors to computer malware attacks against China, accounting for 2.9% and 2.6% respectively of the total number of foreign attacks.

 

The number of new malicious attacks directed against mobile networks was nearly 2.8 million in 2019, 1.4% lower than a year earlier, the first decline in such attacks in five years, according to CNCERT.

 

CNCERT, which issued a cybersecurity report on Tuesday, describes itself officially as a “non-governmental non-profit” agency but a 2019 job post on their website said it sits “directly under the Cyberspace Administration of China”, the nation’s top Internet watchdog.

 

Cybersecurity is currently rising up the international agenda amid escalating tech and trade tensions between the US and China.

 

Chinese agencies and diplomatic missions were targeted by hackers through their virtual private network (VPN) servers in a coordinated cyber espionage campaign earlier this year, at a time when many governments and global organisations are more vulnerable than ever to security breaches due to remote working arrangements amid the pandemic, according to a report by leading Chinese cybersecurity provider Qihoo 360 in April.

 

Meanwhile, the Trump administration has taken action against Chinese social apps TikTok and WeChat for allegedly posing a national security threat. The US Justice Department also accused a pair of Chinese hackers in July of targeting vaccine development on behalf of the country’s intelligence service as part of a broader years-long campaign of global cybertheft aimed at industries such as defence contractors, high-end manufacturing and solar energy companies.

 

China recently tightened its cybersecurity rules, requiring “critical information infrastructure” to undergo a cybersecurity review process for any procurements that could have national security implications. The criteria may push companies to steer clear of multinational providers that are more likely to be viewed as a higher risk to China's national security, experts said.

 

“Faced with the new trends and challenges in cybersecurity,” CNCERT said in the report. “[We should] speed up innovation of cybersecurity technology, develop the industry, cultivate talent and foster collaboration.”

 

 - SCMP