The Cybersecurity and Infrastructure Agency (CISA), along with other federal law enforcement agencies, released an alert (AA21-200B) and analysis on Chinese state-sponsored cyberthreats to federal, state, and local governments, as well as private industry.

According to the agencies, Chinese state-sponsored cyber actors aggressively target U.S. and allied political, economic, military, educational, and critical infrastructure (CI) personnel and organizations to steal sensitive data, critical and emerging key technologies, intellectual property, and personally identifiable information (PII).

The alert provides information on tactics, techniques, and procedures used by Chinese state-sponsored cyber actors.

The analysis notes that in 2021, the U.S. Intelligence Community assessed that the People’s Republic of China presents a “prolific and effective cyber-espionage threat, possesses substantial cyberattack capabilities, and presents a growing influence threat.”

It recommends leaders of organizations:

• Drive a culture of cybersecurity investment and strategy.
• Ensure organizations have incident response plans.
• Stay informed about Chinese malicious cyber activity.