Cyber Threat Actor: Great Firewall of China
| Actor Type | Location | Known Incidents |
Nation State
|
China
|
0 incidents |
|---|
Profile
The threat actor known as Great Firewall of China operates within China and has been publicly linked to cyber operations targeting foreign communication platforms. This entity is primarily associated with internet censorship and surveillance activities aimed at controlling information flow. Its operations align with broader efforts to restrict access to international services and redirect users toward domestic alternatives subject to government oversight.
The actor’s targeting focuses on communication platforms and email providers used by individuals and organizations within China. The 2015 man-in-the-middle attack against Microsoft Outlook exemplifies this pattern, where users were deceived by fraudulent pop-up warnings designed to harvest credentials, contacts, and email content. Similar tactics were deployed against Google, Yahoo, and Apple services, indicating a consistent objective of intercepting and monitoring digital communications. These operations reflect strategic goals tied to information control and surveillance rather than financial gain or disruptive sabotage. Technical methods involve MITM attacks to compromise secure connections, coupled with social engineering tactics like deceptive alerts to coerce user compliance.
Public reporting by censorship watchdog Greatfire.org attributes these activities to Chinese authorities, alleging state coordination to enforce cyber censorship policies. The campaign pressured users to abandon foreign services in favor of locally hosted alternatives, thereby consolidating government visibility into private communications. This incident underscores the actor’s role in advancing China’s internet governance framework through technical interference and user coercion.
