Military experts in China complain that their army lacks real combat experience, so Beijing treats the conflict in Ukraine as a chance to gather information about modern military tactics, Western weapons and ways of fighting.
Chinese hackers dealt with military espionage before the war in Ukraine (for example, in 2021 they attacked the Rubin Design Office, which was developed by submarines with ballistic missiles), and after the war experts began to observe a rapid increase in cyberoplation.
– tells the American journal iTay Cohen, a senior researcher at a company dealing with Palo Alto Networks cyber security, who has been following Chinese hacker groups for years.
China sticks Russia a political knife in the back
The number of attempts to penetrate Russian systems began to grow rapidly in May 2022, and Chinese hackers have been active since then.
– says Che Chang, a researcher from Taiwanese Teamt5, who identified one of the attacks and associated it with the Chinese government.
During this operation from 2023, a group called Sanyo She tried to get information about Russian submarines with atomic driveby sending e-mails from the addresses allegedly belonging to a large Russian engineering company.
Another group financed by Beijing tried steal information about satellite communication, radars and electronic combat systems from Rostec, according to Palo Alto Networks. Other hackers used malicious files that used gaps in Microsoft Word security to infiltrate Russian aviation companies and government agencies.
The Chinese are particularly interested in combat drones and softwarewe read in the FSB document. According to experts, it follows that China wants to study Russia's military experience to increase their own readiness for any future conflicts. However, Moscow is not ready to actively share such information with Beijing.
According to Rafe Pilling, a threat intelligence director at the Sophos security company, all Chinese hacker groups aimed at Russia, focus on gathering intelligence of a political and military nature. An example is the Mustang Panda cyberoperation against Russian defensive units and border guards near the Russian-Chinese border in Siberia in 2022.
Chan emphasizes that his team monitors another group, Slime19, which consistently attacks government agencies as well as the energy and defense sector in Russia.
