China's "Expedition Cloud" Cyber Platform Trains for Attacks on Neighbors

A report based on leaked technical documents reveals China is operating a covert cyber training platform called "Expedition Cloud." The system is designed to simulate attacks on replicas of critical infrastructure networks belonging to China's neighbors in the South China Sea and Indochina regions. The platform splits exercises between reconnaissance and attack groups, practicing on sectors like power, energy transmission, and transportation. The existence of this offensive-focused platform contradicts Chinese officials' repeated denials of government involvement in cyber attacks.

Key Points: China's Covert Cyber Training Platform Targets Neighbors

  • Leaked docs reveal "Expedition Cloud" platform
  • Simulates attacks on power, energy, transport networks
  • Focuses on offensive, not defensive, operations
  • Uses AI and repeated scenario testing

China's covert cyber attack platform targets critical infrastructure of neighbouring nations: Report

Leaked documents reveal China's "Expedition Cloud" system simulates cyberattacks on critical infrastructure of neighboring nations, report says.

"Rehearsing attacks on critical infrastructure offers China a potential advantage" - Recorded Future News report

Beijing, Feb 13

China has consistently been accused by Western officials and cybersecurity researchers of conducting extensive offensive cyber campaigns, with those allegations based on intelligence assessments and technical forensics obtained following cyber attacks.

The leaked materials, including source code, training data and software assets, offer rare documentary insight into the groundwork that could enable such attacks before they occur, a report said on Friday.

Citing a cache of leaked technical documents, the cybersecurity news publication 'Recorded Future News' reported that China appears to be using a covert training platform designed to simulate cyberattacks against the critical infrastructure of its closest neighbours.

The internal files describe the training platform as part of a broader integrated system called "Expedition Cloud" designed to enable attackers to practice hacking replicas of "the real network environments" of China's "main operational opponents in the South China Sea and Indochina directions."

"The cache, which was first reported by specialist blog NetAskari, specifies recreating target computer networks used in the power, energy transmission and transportation sectors as well as in smart home infrastructure. It stresses evaluating the work of 'reconnaissance groups' and 'attack groups' in operations against these networks, with no specified role for defenders," the report in 'Recorded Future News' detailed.

"Rehearsing attacks on critical infrastructure offers China a potential advantage by allowing cyber operations to be planned and practiced in advance rather than improvised in real time. Experts said the system's design also points toward greater use of artificial intelligence in cyber operations, a shift that could give China's already large cyber forces additional advantage," it added.

According to the report, the existence of such a platform, focused on offensive rather than defensive operations, casts doubt on repeated assertions by Chinese officials that their government is not involved in cyber attacks.

The report stated that a closer examination of how the system divides and analyses cyber operations within the copies of adversary networks is key to understanding the scrutiny surrounding the documents.

"The platform splits the training exercises for cyber attacks between two teams with distinct roles, using templates mimicking target networks so the same scenarios can be recreated and tested repeatedly under controlled conditions," it stated.

"Initially a reconnaissance group is sent to map the digital environment, like scouts surveying terrain ahead of an advancing force. This team identifies what systems are present on the network, which services or interfaces are exposed, and where potential access paths may exist for the second team," it further noted.

- IANS

Reader Comments

Sarah B
While the report is alarming, we must ensure our own response is measured and based on verified intelligence, not just allegations. A knee-jerk reaction could escalate tensions unnecessarily. Cyber diplomacy is crucial.
Ananya R
"Expedition Cloud" targeting South China Sea neighbours... this is a wake-up call. Our critical infrastructure is just as vulnerable. Are our ITI and engineering colleges producing enough ethical hackers for defense? We need a national mission on this, yaar.
Rohit P
Not surprised at all. This has been their modus operandi for years. The focus on AI in cyber ops is the real game-changer though. Bharat needs to step up its game big time. Atmanirbhar in cybersecurity should be the top priority.
Karthik V
Respectfully, while we point fingers, we must also ask: Is our own CERT-In and NCIIPC equipped to handle such sophisticated, AI-driven attacks? More transparency about our defensive preparedness would reassure citizens.
Priya S
This is scary for ordinary people. Smart home infrastructure is mentioned too! We are all connected. The government should run public awareness campaigns on basic digital hygiene. A small step from each of us can build a stronger national firewall.
