As the Russia-Ukraine war began, China-backed groups stepped up hacking attempts targeting Russian companies and government agencies, according to The New York Times, citing cyber analysts.
These cyberattacks intensified in May 2022, following Moscow’s full-scale invasion of Kyiv, even as Presidents Xi Jinping and Vladimir Putin publicly praised a new era of cooperation and declared their bilateral ties had “no limits.”
In 2023, a Chinese group known as Sanyo posed as representatives of a major Russian engineering firm to gather intelligence on nuclear submarines, according to findings by Taiwanese cybersecurity firm TeamT5.
Experts believe that China’s military and technological capabilities now surpass those of Russia, though Chinese military strategists have long acknowledged their lack of real combat experience. The Russia-Ukraine conflict, they say, has given Beijing a valuable opportunity to observe modern warfare tactics and assess the effectiveness of Western military equipment.
Moscow labels Beijing 'enemy'
A classified FSB (Russia's domestic security agency) counterintelligence document obtained by The New York Times reveals Moscow's growing concerns regarding China's espionage.
The document has labeled China an "enemy" and acknowledges Beijing's efforts to acquire Russian defence technology and learn from its military operations in Ukraine.
Russia has never acknowledged the concerns in public.
Russia's Rostec targeted
Rostec, Russia's state-owned powerful defence conglomerate, was targeted by one of China’s state-backed group to seek information on satellite communications, radar and electronic warfare according to the NYT report.
Some groups use malicious files, intended to exploit vulnerabilities in Microsoft Word, to penetrate Russian aviation industry targets, cited Palo Alto Networks.
"The war in Ukraine fundamentally shifted intelligence priorities for both countries," said Itay Cohen, a senior researcher with cybersecurity firm Palo Alto Networks.
In 2023, Russian cybersecurity firm Positive Technologies reported that several Russian organizations, including those in the aerospace, private security, and defense sectors, were targeted in cyberattacks. These attacks involved the use of Deed RAT, a malware tool typically linked to Chinese state-sponsored hacking groups.
Cybersecurity experts noted that Deed RAT is a proprietary malware, unique to these groups and not available for sale on the dark web, unlike many other hacking tools.
Reports of China-backed cyber intrusions into Russian entities had surfaced even before the Ukraine conflict. In 2021, for instance, Chinese hackers reportedly targeted Russian submarine design firms.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
