[13] Since Xi Jinping became General Secretary of the Chinese Communist Party in 2012, the Ministry of State Security (MSS) gained more responsibility over cyberespionage compared with the People's Liberation Army, and currently oversees various advanced persistent threats.
[14] According to security researcher Timo Steffens, advanced persistent threat (APT) groups in China leverage skills from private as well as public institutions and individuals, including smaller companies and hackers that take on government contracts.
[47] In May 2023, Australia, alongside other Five Eyes member states, identified the Chinese government behind the "Volt Typhoon" advanced persistent threat targeting critical infrastructure.
[58] In May 2023, New Zealand, alongside other Five Eyes member states, named the Chinese government as being behind the "Volt Typhoon" advanced persistent threat targeting critical infrastructure.
[49][50] The United States has accused China of cyberwarfare attacks that targeted the networks of important American military, commercial, research, and industrial organizations.
"[86] In October 2018, Bloomberg Businessweek published a report, citing unnamed corporate and governmental sources, which claimed that the PLA had forced Supermicro's Chinese sub-contractors to add microchips with hardware backdoors to its servers.
[91] In March 2021, United States intelligence community released analysis in finding that China had considered interfering with the election but decided against it on concerns it would fail or backfire.
[93][94][95][96] In May 2023, Microsoft and Western intelligence agencies reported that a Chinese state-sponsored hacking group affiliated with the PLA called "Volt Typhoon" had targeted critical infrastructure and military installations in Guam, Hawaii, Texas and elsewhere.
The groups had been using their services to research companies, intelligence agencies, cybersecurity tools and evasion techniques, translate technical papers, write and refactor code, and create phishing campaign content.
[102][103] The same month, leaked documents from an MSS, PLA, and MPS contractor based in Shanghai called I-Soon, also known as Auxun, provided details into a campaign to harass dissidents, activists, critical academics, and Uyghurs overseas.
[49][50] In September 2024, FBI director Christopher A. Wray announced that Chinese state hacking campaign known as Flax Typhoon, which targeted critical infrastructure, had been disrupted.
[112] In November 2024, Texas governor Greg Abbott ordered state agencies to harden critical infrastructure from cyberattacks from threats emanating from the PRC.
[121][122] In May 2023, the UK's National Cyber Security Centre, alongside other Five Eyes member states, identified the Chinese government behind the "Volt Typhoon" advanced persistent threat targeting critical infrastructure.
[48][123] In March 2024, the UK government and the United States Department of the Treasury's Office of Foreign Assets Control (OFAC) jointly sanctioned a Chinese MSS front company called Wuhan Xiaoruizhi Science and Technology and affiliated individuals for breaching the Electoral Commission and placing malware in critical infrastructure.
[126] During 18 minutes on April 8, 2010, state-owned China Telecom advertised erroneous network routes that instructed "massive volumes" of U.S. and other foreign Internet traffic to go through Chinese servers.
A US Defense Department spokesman told reporters that he did not know if "we've determined whether that particular incident ... was done with some malicious intent or not" and China Telecom denied the charge that it "hijacked" U.S. Internet traffic.