China's Ministry of State Security (MSS) on Wednesday warned of data security risks after recent reports identified US intelligence agencies were behind a cyberattack on Wuhan Earthquake Monitoring Center.
A joint investigation team formed by the National Computer Virus Emergency Response Center (CVERC) and Chinese cybersecurity company 360 discovered malicious backdoor software that exhibits characteristics of US intelligence agencies linked to a cyberattack incident targeting the Wuhan Earthquake Monitoring Center affiliated to the city's Emergency Management Bureau, the Global Times learned.
In an article released on its WeChat account Wednesday, the MSS said in recent years similar cases of some foreign organizations targeting China's key security data have been frequently reported, warning the risks of data leakage.
The article cited several cases including one in 2020 when information systems of an airline were attacked by an overseas network, leading to the leaking of passenger travel records. In 2021 an overseas consulting and investigation company established "cooperation" with dozens of domestic personnel to extensively collect basic shipping data and specific ship cargo information. In 2022, there was a case of endangering national security involving high-speed rail operation data, the MSS revealed.
To safeguard data security is to safeguard national security, to defend data sovereignty is to defend national sovereignty, and to protect data security is to safeguard a better future, the MSS noted.
In the article, the MSS described data equivalent to production capacity that closely links to people's interests and national security, which is the reason why Chinese data remains of interest to foreign spy agencies.
The ministry compared the vast ocean of data to the oil resources of the industrial economy, which contain huge productivity and business opportunities. Whoever masters big data technology will master the resources and initiative of development, it said.
In 2022, China's data output has reached 8.1ZB, ranking second in the world. The data storage capacity has reached 724.5EB, accounting for 14.4 percent of global processing volume. In 2022, the scale of the country's digital economy was valued at 50.2 trillion yuan ($6.87 trillion), accounting for 41.5 percent of the GDP, according to the MSS.
The ministry said as an important driving force for a new round of scientific and technological revolution and industrial transformation, high-quality data resources have had a major impact on the country's economic development, social governance, and people's lives.
The profound impact has been as important as traditional factors such as land, labor, capital, and technology, and in some cases has superseded these traditional elements, underlining the importance of technological innovation, it said.
There were 4,145 publicly disclosed data breaches globally in 2021, resulting in leakage of a total of 22.77 billion datasets, the MSS wrote citing reports from foreign data security organizations.
This eye-catching number is alarming, and the implied security issues cannot be ignored, the MSS said.
China is a major cyber power, also a large victim of cyberattacks. In recent years, hacker organizations, criminal gangs and lawbreakers have continued to carry out cyberattacks on China's key information infrastructure and important industry sectors, invading important information systems, and stealing important data.
These practices not only violate personal privacy and business secrets, but also threaten the security of important national data, the MSS said.
In facing of emerging data security problems, the MSS called on to strengthen the protection, early warning and tracing capacity of key information infrastructure.
The country's national security departments, at the same time, called for a nationwide effort to optimize China's data property rights protection system, increase the protection of technology patents and digital copyrights.
Since 2016, China has issued a slew of laws and regulations, including the Cyber Security Law, Data Security Law and Data Export Security Assessment Measures. The legal system serves as a structured defense for data security and the digital economy, the MSS added.