Protecting Against a New Wave of Chinese Cyberattacks

Brian Gant, assistant professor of cybersecurity in the John E. Simon School of Business at Maryville University, talks about the latest wave of cyberattacks directed against the U.S. government, businesses and individuals, and how they might be prevented in future.

The most recent cyberattacks allegedly emanating from China are necessarily different in nature than earlier ones, Gant says, and their targets have been widespread. Together they constitute a message being delivered by China to the West: “We’re here, and we want to make sure you understand that we have the means to conduct surveillance and espionage.”

China is thought to be the source of many of the attacks in part because of its control over the TikTok social media platform. “The Chinese government has a direct path to information about U.S. citizens, whether we like it or not,” Gant says.

A majority of the attacks amount to “spearfishing,” the practice of casting a wide net over potential targets in order to identify those individuals with the most privileged access to sensitive information. They might be individuals in defense, government and manufacturing, all of whom possess critical data that can be exploited by hackers. “Intel and data are the most powerful things in the world,” Gant says, “because you can manipulate them and use them to your advantage.”

Of particular concern is the wave of ransomware attacks. Targeted entities are forced to decide whether to pay the ransom in order to unfreeze their systems, on which lives might depend.

Gant says “educational awareness and transparency” are key to protecting systems against cyberattacks. He declares himself “amazed” at how siloed organizations are reluctant to share information about attacks that could help others fend off similar events. On the positive side, a number of public-private partnerships are working together to figure out ways to ward off the most dangerous and sophisticated attacks.