Over 1,300 overseas APT attacks target China's 14 key sectors in 2024: cybersecurity report - Global Times

Sign in CHINA / SOCIETY Over 1,300 overseas APT attacks target China's 14 key sectors in 2024: cybersecurity report By Liu Caiyu Published: Feb 11, 2025 12:47 PM Cyber security Photo: VCG An annual report from a Chinese cybersecurity firm revealed on Tuesday that over 1,300 advanced persistent threat (APT) attacks have targeted 14 key sectors in China in 2024. Among these, government agencies, education, scientific research, national defense and military industry, and transportation are the five most heavily affected sectors. The APT organizations behind these attacks are primarily 13 organizations originating from South Asia, Southeast Asia, East Asia, and North America, the report by 360 Security Group sent to the Global Times showed on Tuesday. Attackers engage in cyber intrusions to steal sensitive data or conduct strategic sabotage, serving the political, military, or economic purposes of their sponsors, 360 Security Group told the Global Times.  In 2024, Chinese government agencies emerged as the primary target of foreign APT organizations. Functional units related to government agencies, such as diplomacy, maritime affairs, and transportation management, were the main targets of APT attacks, according to the report.  APT organizations targeting diplomatic entities aim to collect information on China's latest diplomatic strategies and stances on key international issues, enabling their sponsors to gain a competitive edge, the cybersecurity company told the Global Times.  In the education sector, institutions with a background in national defense and military industry, international relations research, and technology-focused universities were key targets for APT organizations, the report said.  The cybersecurity company warned that these cyberattacks not only target military intelligence and disrupt communications but also pose risks of infiltrating military facilities, paralyzing command and control networks, and faking and disseminating false directives. This capability makes cyber warfare an indispensable part of modern military conflicts. Other prominent features in the report showed that in recent years, China's new-energy vehicle industry has emerged rapidly, and APT organizations have increasingly set their sights on this sector.  As China's innovation and localization processes continue to advance, the security barriers in its cyberspace are being strengthened. APT organizations have shifted their focus to attacking domestic software systems as a breakthrough point, launching supply chain attacks, according to the report. With the promotion of the systematic construction of cybersecurity in China, enterprises and institutions in China are gradually strengthening their own cybersecurity barriers. APT organizations have turned to targeting domestic software systems as a launching pad for attacks, exploiting the permissions of vendor software systems within the target network to bypass the network defenses of the attack targets and achieve their attack objectives.  "A successful supply chain breach by APT organizations can have widespread repercussions, given the extensive adoption of domestic software systems among Chinese enterprises and institutions," the 360 Security Group said.  Among the 13 identified APT organizations, the most active are APT-C-01 (Poison Ivy), originating from East Asia targeting China's government, education, and transportation sectors, and APT-C-00 (Ocean Lotus) from Southeast Asia, which targets government agencies, education, and scientific research. In 2024, two new APT organizations: APT-C-70 (Rhino Unicornis) from South Asia and APT-C-65 (Golden Pothos) from East Asia were identified.   The report also revealed that the hacking organization APT-C-39 (CIA) has extensively exploited 0day vulnerabilities in its cyber espionage operations against China and other nations. In 2024, APT-C-39 targeted key units related to cutting-edge technologies in China's aviation, aerospace, and materials science sectors, stealing sensitive technological information and research data. In 2024, evidence of APT-C-39 (CIA) targeting research and defense-related objectives in China was captured. It used a trojan program distributed through the server of a domestic security vendor's office application to conduct infiltration attacks and exfiltrate data from client devices, the report said. In 2024, the use of 0day vulnerabilities by APT organizations in their attacks remained high. In addition to 0day vulnerabilities, a significant number of 1-day and n-day vulnerabilities were also exploited, with 0day vulnerabilities targeting mobile platforms continuing to show an upward trend, the report said. The rapid advancement of large AI models in 2024 has reshaped cyberspace, bringing both technological breakthroughs and regulatory challenges. The report highlighted the need to address risks and governance issues associated with these AI-driven transformations. RELATED ARTICLES GT Podcast with Mulan: China to contribute to stabilizing global growth in 2025 - US urged to explore coexistence in cyberspace with China China's GDP grew 5 percent year-on-year to 134.9 trillion yuan in 2024, surpassing the 130-trillion-yuan threshold for the ... DeepSeek faces surging cyberattacks, US IPs among thousands targeting Chinese AI start-up Chinese AI start-up DeepSeek has been subjected to a series of sophisticated and large-scale cyberattacks over the past ... Cyberattacks against DeepSeek escalate with botnets joining, command surging over 100 times: lab Cyberattacks targeting Chinese AI start-up DeepSeek suddenly escalated on early Thursday with attack commands surging by more than ... US' ban on DeepSeek shows ignorance of technology: head of cybersecurity firm The US government's announcement to ban DeepSeek shows an ignorance of technology, Zhou Hongyi, the founder and chairman ... MOST VIEWED 1 China lodges representations during Paris trade talk to US over Section 301 investigation on 60 economies over 'forced labor': MOFCOM 2 Trump says he demands seven countries escort ships through Strait of Hormuz 3 China says US 301 trade probe targeting 60 economies seriously disrupts international economic and trade order 4 China, US maintain communication regarding Trump's China visit: FM 5 Chinese economy 'gets off to a good start', as major indicators outpace market expectations in first 2 months of 2026: official data 6 China urges de-escalation as US seeks help in securing Hormuz passage; US tries to drag in others to turn issue into a multilateral one: expert CHINA Politics Society Diplomacy Military Science Odd China Graphic SOURCE GT Voice Insight Economy Comments Company B&R Initiative Biz Graphic OPINION Editorial Observer Global Minds Asian Review Top Talk Viewpoint Columnists Cartoon LIFE Cultural Influencer Attitudes Culture Entertainment Travel VISUAL NEWS Video Graphics Gallery Specials MISCELLANEOUS In-Depth World Sport Newsletter About Us Careers Contact Us Advertisement Terms of Service Copyright © 2025 Global Times All Right Reserved 违法和不良信息举报电话：010-65363263   举报邮箱：jubao@people.cn   京ICP备11001615号-7