The typical image of Chinese hackers is of operatives working for or with the tacit approval of the government, targeting valuable or sensitive data at foreign companies or government agencies. While there are plenty of those, many in China—like hackers elsewhere—also target the laptop of their ex-boss or the smartphone of the guy in front of them at the coffee shop.
China’s criminal hacking community numbers at least 400,000 and sucks 100 billion yuan ($15 billion) out of the country’s economy each year, according to Zheng Bu, an angel investor and former executive at cybersecurity company FireEye Inc. “There is a large criminal ecosystem in China,” says Bryce Boland, FireEye’s chief technology officer for the Asia-Pacific region. And with government restrictions on security technology tightening, individuals and businesses can have a tough time combating the crooks.
Respondents to a 2016 PwC survey of 330 chief executive officers and information technology directors of foreign and domestic companies operating inside China and Hong Kong reported a 417 percent year-over-year increase in “detected security incidents,” which can include malware, ransomware, stolen data, and other network breaches.
PwC says these hacks most often target customer databases and proprietary records and typically cost each company in Greater China about $2.6 million annually. Of 496 executives and IT professionals surveyed earlier this year by the American Chamber of Commerce in China, most said data-security threats were more significant in China than in other regions where their businesses operate.
“Getting the common people’s data is like buying cabbage”
Part of what makes China a lucrative target for hackers is the population’s rapid embrace of mobile payment technology—WeChat Wallet, Alipay, and other transaction software linked to popular social media services. More than half of Chinese consumers expect their phones to become their primary way to pay for things, PwC says. And automatic connections to Wi-Fi are common in China. “Most people don’t check who is the real administrator of a public Wi-Fi connection,” says Mangesh Fasale, a malware analyst at security firm F-Secure. “Hackers in China often make decoy Wi-Fi access points, and if you connect to them, they can access whatever is on your phone.”