NEW DELHI: There is a noticeable uptick in cyberattacks aimed at NATO countries originating from Chinese IP addresses last week, said global cybersecurity firm Check Point Research (CPR).
CPR looked at the trend before and after Russia’s invasion of Ukraine and discovered that cyberattacks from Chinese IPs increased by 116% on NATO nations and 72% globally.
The cyber attacks cannot be linked to Chinese businesses or any known Chinese threat actor, according to CPR.
“As the Russia-Ukraine conflict intensifies, we grew curious around cyberattacks originating from China. We’re seeing significant increases in cyber attacks that originate from Chinese IP addresses. It’s important to underscore that we cannot make an attribution to the Chinese entities, as it is difficult to determine attribution in cyber security without more evidence. But what is clear is that hackers are using Chinese IPs to launch cyberattacks world-wide, especially NATO countries. The IPs are likely used by hackers within China and abroad,” Omer Dembinsky, Data Group Manager at Check Point Software.
Following the outbreak of the Russia-Ukraine crisis, hackers, both inside and outside of China, are increasingly using Chinese IPs as a resource to wage cyberattacks.
During the ongoing Russia-Ukraine war, Check Point Research (CPR) has seen an uptick in cyber threats originating from Chinese IP addresses.
The weekly average of worldwide attacks emanating from China per organisation was 72 per cent greater last week than it was before the invasion and 60 per cent higher than it was in the first three weeks of the fight.
Last week, the weekly average of cyber-attacks against NATO corporate networks originating in China was 116 per cent greater than it was before the invasion, and 86 per cent higher than it was in the first three weeks of the battle.
During the same duration, the growth is much larger than the overall global increase in cyber attacks.
“The trend can have many meanings. For example, the increase can indicate where it is now easy or cheap to set up and operate a service or where it is more opportune to hide the real origin of the attack. It can also indicate how global cyber traffic is being routed at this moment in time. CPR will continue to dig deeper into this trending observation in the weeks ahead. For now, we’re reporting only information on what we see,” said Omer Dembinsky, Data Group Manager at Check Point Software.
Follow The420.in on