China and Russia are arguably NATO's main strategic competitors and potential adversaries. Since 2017, Beijing and Moscow have conducted cyber-espionage operations against NATO members, and the two countries have also reportedly displayed more coordination in the cyber domain. These concerns have become more pressing since the outbreak of war in Ukraine, where multiple sources have shown alleged evidence of Chinese and Russian cyber-operations coordination. While it is commonly accepted that China and Russia cooperate at the strategic level in the cyber domain, this article aims at better understanding whether these two nation-states are also coordinating their affiliated cyber threat groups. We investigate this, drawing on multiple open-access data and sources. Specifically, we empirically examine the activity of three Chinese groups, Mustang Panda, Scarab and Judgment Panda, to assess the presence and degree of coordination with their Russian counterparts. Our analysis shows that, as far as the examined groups are concerned, there was no coordination between Russian and Chinese campaigns, and the latter group sometimes even targeted sensitive Russian civilian and military infrastructures.
Divided We Hack: Exploring the Degree of Sino-Russian Coordination in Cyberspace During the Ukraine War
Melella, Cosimo;Calcara, Antonio
2023-01-01
Abstract
China and Russia are arguably NATO's main strategic competitors and potential adversaries. Since 2017, Beijing and Moscow have conducted cyber-espionage operations against NATO members, and the two countries have also reportedly displayed more coordination in the cyber domain. These concerns have become more pressing since the outbreak of war in Ukraine, where multiple sources have shown alleged evidence of Chinese and Russian cyber-operations coordination. While it is commonly accepted that China and Russia cooperate at the strategic level in the cyber domain, this article aims at better understanding whether these two nation-states are also coordinating their affiliated cyber threat groups. We investigate this, drawing on multiple open-access data and sources. Specifically, we empirically examine the activity of three Chinese groups, Mustang Panda, Scarab and Judgment Panda, to assess the presence and degree of coordination with their Russian counterparts. Our analysis shows that, as far as the examined groups are concerned, there was no coordination between Russian and Chinese campaigns, and the latter group sometimes even targeted sensitive Russian civilian and military infrastructures.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
