Cyberattacks from Chinese IPs surge during Ukraine invasion: Check Point Research

Check Point Research (CPR), the research wing of the cybersecurity software firm Check Point, has observed an increase in cyberattacks aimed at NATO countries. Examining the trend before and after Russia’s invasion of Ukraine, it was found that cyberattacks from Chinese IP addresses jumped 116 per cent on NATO countries and 72 per cent worldwide last week, in comparison to the figure before the conflict.
CPR could not attribute the attacks to Chinese entities, but it has indicated it is likely that hackers within China and abroad are increasingly using Chinese IPs to launch cyberattacks after the beginning of the Russia-Ukraine conflict.
According to CPR, worldwide attacks from Chinese IPs are increasing steadily, with attacks increasing 60 per cent last week compared to the first three weeks of the conflict. The same is true for attacks on NATO countries with Chinese IPs carrying out 86 per cent higher attacks last week.

These increases are significant because they are much higher than the overall global increase in cyberattacks seen during the same timeframes. These trends could have many meanings, according to the company. For example, it could indicate how cheap it is to set up and operate services out of China and whether it is easier to hide the origin of the attack routing attacks through an IP from the country. It could also indicate how global cyber traffic is being routed currently.
As the conflict on the ground in Ukraine rages on, a parallel cyberwar is also happening over the internet. There are multiple reports about how malware has been deployed to target government organisations in Ukraine to gain illegal control over their systems so that they can be destroyed or made inoperable.