Chinese-affiliated groups are arguably the most capable and sophisticated anti-Western forces conducting cyber operations. For example, US Senator Mark Warner has remarked that compared to Chinese activities, Russian operations seem like child’s play. Unlike Russia, China often operates more covertly, focusing on cyber espionage and pre-positioning rather than service disruptions. While there are many Chinese-linked cyber groups, three distinct ‘typhoons ’ stand out.
Riding the typhoon waves
In the autumn of 2024, US authorities reported that the Chinese-affiliated group Salt Typhoon had infiltrated American telecommunications networks. This access enabled the group to obtain call logs and unencrypted text messages and even monitor conversations involving former President Donald Trump and presidential candidate Kamala Harris’s teams.
Another actor, Flax Typhoon, has taken control of hundreds of thousands of devices globally, forming an army of so-called zombie devices, also known as a botnet.
Meanwhile, Volt Typhoon has embedded itself within critical infrastructure in the United States. According to the White House, Volt Typhoon’s objective is less about stealing data and more about preparing to disrupt essential services – such as water, communications and heating – should China ever deem it necessary.
Three attacks suspected to involve Chinese groups
Salt Typhoon’s hacking operation began in the spring of 2024 and continues to this day. Public reports indicate that the group infiltrated the networks of at least 80 telecommunications companies worldwide, making this one of the most severe cyberattacks in history. The attackers allegedly managed to breach Donald Trump’s phone, gaining access to unencrypted communications, such as SMS messages and other data. The full extent of the damage is still under investigation.
Flax Typhoon infected over 200,000 devices, including routers and surveillance cameras, and formed a botnet used to conduct cyberattacks.
Hackers infiltrated the UK Ministry of Defence, stealing the personal data of more than 270,000 current and former military personnel. The stolen information included first and last names, bank details, addresses, and other personal records.
The attack is suspected to be the work of Chinese-affiliated actors.
‘Made in China’
Chances are, your phone was made in China. The same likely applies to your robot vacuum cleaner, air fryer and many other items in your home or office. It’s harder to find products not made in China than those that are.
While Chinese goods may often appear cheaper and beneficial to consumers, the reality is more complex. The lower prices are not only due to cheaper labour but also to substantial state support for Chinese industries.
This dynamic can lead to a situation where companies outside China struggle to compete, which might eventually make our critical products and services dependent on Chinese suppliers.
For example, Estonia’s electricity network operator, Elering, highlighted in its energy security report that a significant proportion of solar energy installations in Estonia rely on inverters produced by a single Chinese manufacturer. This dependency poses considerable risks to supply security, including vulnerabilities to cyberattacks, data monitoring by the Chinese government, and reliance on a single supplier for maintenance and procurement.
TikTok is watching you
It is widely known that TikTok collects user data, but is that a problem? Many might argue, ‘I have nothing to hide!’
However, personal data is a valuable asset and should be handled responsibly, which is precisely what the European Union’s General Data Protection Regulation (GDPR) aims to enforce. Chinese laws, however, are different.
Under Chinese law, all companies are required to share their data with the state – a fact publicly confirmed by TikTok’s CEO in court. Beyond knowing your favourite cat or dance videos, TikTok collects data about your device, contacts, calendar, other apps, Wi-Fi connections and more. All of this information is also used to develop artificial intelligence in China.
And remember your internet-connected air fryer? If it’s made in China, it’s likely sending data there as well.
China is one of the world’s most powerful nations and has openly challenged democratic countries, seeking to expand its influence in the digital realm as well as other spheres. Through various means, it aims to assert its dominance in cyberspace.
The Estonian Information System Authority advises businesses and other organisations to carefully evaluate the reliability of their supply chains; individuals should reconsider which apps and products they use.
Last updated: 17.02.2025
