Russia and China-sponsored hackers threaten the world with cyberattacks

William S. | August 10, 2022

State-sponsored cyberattacks are carried out to espionage secret government data, disrupt services or identify and exploit national infrastructure vulnerabilities. According to the data collected by the Atlas VPN team, Russia and China sponsored over 50 cyberattacks in 2022, with Ukraine being the most targeted country.

The data is based on Council on Foreign Relations Cyber Operations Tracker. The cyber operations tracker categorizes all instances of publicly known state-sponsored cyber activity since 2005. The tracker only contains data in which the threat actor is suspected to be affiliated with a nation-state.

Russian-backed hackers carried out 27 cyberattacks in 2022. The attacks mainly targeted Ukraine due to the war started by Russia. Ukrainian government websites, organizations, and broadcasting companies suffered a total of 23 espionage, data destruction, or denial of service attacks.

Some Russia-sponsored attacks spilled out to neighboring Eastern European countries, such as Lithuania and Latvia. Hackers targeted each of them in 3 cyberattacks.

China has sponsored 24 cyberattacks this year so far. State-backed hackers attacked the United States, Indian and Taiwanese governments and organizations. With the growing tensions between China, Taiwan, and the US, such cyberattacks could happen even more often in the year's second half.

North Korea-sponsored hackers engaged in 9 cyberattacks. North Korean cybercriminal Lazarus Group was responsible for most of the attacks. Their main targets were the US and South Korea. Furthermore, they attacked cryptocurrency companies, for example, the hack on Axie Infinity, in which hackers walked away with $600 million worth of crypto.

Iran sponsored 8 cyberattacks in 2022. Most of their attacks were against countries in the Middle East or the US. Other countries that backed cyberattacks targeted activists, journalists, or opposing political party leaders.

Besides Ukraine as the most attacked country, the US was the second most targeted with 10 attacks. Russia and India followed next, as both suffered 7 state-sponsored cyberattacks.

Government espionage

Cyberattacks carried out with the support of governments are typically well-resourced and highly sophisticated, allowing them to inflict tremendous harm on their victims. Hackers usually target government entities, businesses, activists, journalists, or the military.

State-sponsored hackers carried out 44 cyberattacks against government entities in 2022. Espionage is the primary reason behind such attacks. Some hackers use malware, which destroys sensitive government information, causing unrepairable damages.

The private sector suffered from 37 state-sponsored cyberattacks. Hackers target companies for monetary gains, which they can use later to fund future attacks. Threat actors also want data about customers held by businesses.

Hackers targeted civil society in 29 state-sponsored cyberattacks. Civil society refers to activists, journalists, and politicians from the opposition party. Often governments sponsor such attacks against their own citizens to find incriminating information about them.

State-sponsored threat actors carried out 6 cyberattacks on military officials. Espionage on government, private sector, civil society, and military accounted for 66 cyberattacks. Hackers performed 6 cyberattacks to sabotage physical processes, such as the provision of electricity. Cybercriminals also carried out the same number of denial of service attacks.

As geopolitical tensions rise, so does the possibility of state-sponsored cyberattacks. It is hardly a surprise that mainly China and Russia are responsible for many of the threats that governments and businesses face. Their hackers are well-funded and persistent, which makes them capable of extremely damaging cyberattacks.