Disruptive cyberattacks by the People’s Republic of China (PRC)* are a growing threat to U.S. national security. Organizations need to understand what sparks these attacks. They need to anticipate risks. And they need to be ready to counter these threats. That’s why our cyber threat intelligence team wrote a new study on PRC cyberattacks called Same Cloak, More Dagger: Decoding How the People's Republic of China Uses Cyberattacks.
In this report, the team put together more than a dozen case studies from the past decade. They then analyzed these attacks to reveal their logic. Finally, they created tools to help organizations prepare for this threat. These tools include:
- A framework for anticipating and interpreting China’s cyberattacks
- Insights and actionable advice for threat analysts and chief information security officers (CISOs)
- A catalog of threat actors and tactics
- Factors that increase the likelihood that PRC cyberattacks will target or impact organizations
China uses cyberattacks below the threshold of war to coerce its rivals. For instance, it has targeted American critical infrastructure to deter U.S. involvement in Asia. China’s cyberattacks can affect government agencies, global corporations, and small businesses—either directly or via cascading risks.
As tensions rise between China and Taiwan, it’s crucial to understand when, where, and how these attacks may occur—and how they might affect global supply chains. Cybersecurity teams can get ahead of future threats. There are clear steps that threat analysts and CISOs can take. All U.S. critical infrastructure entities—and businesses with global interests—should prepare by strengthening their security and resilience.
*Note: Consistent with U.S. policy, this report uses “People’s Republic of China” (PRC) and “CԲ” interchangeably. Statements about “China’s” actions, intentions, capabilities, and responsibility for cyberattacks refer only to the government of China.