2023 will go down in history as the year that China’s state-sponsored hackers advanced their ability to wage cyber warfare against the U.S.
Chinese hackers used to focus on stealing America’s commercial secrets and personnel information. But this year, Chinese hackers have expanded their reach by collecting intelligence on U.S. government agencies and breaching strategically valuable infrastructure systems.
In May 2023, The New York Times reported that a Chinese state-sponsored hacking group had installed malware in electric grids in Guam and other parts of the U.S. since February 2023, probably seeking to cut off power to the U.S. military in case China invades Taiwan.
Microsoft disclosed in July that China-based hackers “gained access to email accounts affecting approximately 25 organizations in the public cloud, including government agencies as well as related consumer accounts of individuals,” since May 15, 2023. The affected government agencies included the U.S. State Department. U.S. national security officials identified the hackers as affiliated with Chinese intelligence. Google Cloud’s Mandiant senior vice president and chief technical officer, Charles Carmakal, called Chinese hackers’ techniques “very advanced.”