Two reports issued this weekend provided a stunning glimpse into the extent of China’s espionage operations using the Internet. Tracking GhostNet: Investigating a Cyber Espionage Network and The Snooping Dragon: Social-Malware Surveillance of the Tibetan Movement, served as clear warnings — especially to the Tibetan movement — that Chinese authorities are watching, listening, collecting and acting on the information obtained.
The second report said that the malware is “well written” and has been “devastatingly effective,” targeting, among others, foreign ministries, NGOs, news organizations, NATO and the Tibetan government-in-exile. The first report says GhostNet infected at least 1,295 computers in 103 countries, “of which close to 30 percent can be considered as high-value diplomatic, political, economic, and military targets.”
Beyond collecting information, the software developed in China, known as gh0st RAT, allows attackers to gain full, real-time control of, send instructions to and retrieve information from the targeted computer.
In the private realm, the implications of cyber espionage as a tool of repression are devastating. In one instance, a woman working for Drewla, a group that uses online chatting forums to reach out to Chinese and educate them on the plight of Tibetans, was arrested at the Nepalese-Tibetan border as she was returning to her village in Tibet. She was interrogated by Chinese intelligence officers, held incommunicado and presented with the full transcripts of her Internet chat activity. She was then banned from Tibet.
While the Tracking GhostNet report is careful not to attribute all cyber attacks to intelligence-gathering operations by Beijing, it is active in that domain and has used actionable intelligence collected electronically to pursue its objectives.
Although the reports paid special attention to Chinese spying on Tibetans, in the process the authors determined that of 986 known infected IP hosts in 93 countries, Taiwan had the most — 148 — including its embassy in Swaziland, the Institute for Information Industry, Net Trade, the Taiwan External Trade Development Council and the Government Service Network.
Coupled with evidence that, despite President Ma Ying-jeou’s (馬英九) cross-strait peace initiative, China has not taken the military option off the table, revelations of China’s cyber espionage network raise questions about the wisdom of intensifying relations with China. If, as can be assumed, China remains committed to targeting Taiwan for intelligence collection, then the more electronic contact there is between the two sides, the greater the opportunities will be for the transmission of malware. The repercussions in the banking and high-tech sectors, not to mention defense and public safety, could be huge.
China could target individuals, especially in pro-independence groups and opponents of cross-strait agreements. As fear of, and opposition to, agreements with China that risk undermining the sovereignty of Taiwan increases, China can be expected to monitor dissidents in ways that recall its treatment of Tibetans, as outlined in the reports.
Chinese intelligence has a long history of such activity but until recently its espionage was done through human intelligence. Now that communication is mostly electronic, however, espionage can be carried out remotely and with greater efficiency. Given the stakes, Taiwan should conduct its own study on the matter.
Congratulations to China’s working class — they have officially entered the “Livestock Feed 2.0” era. While others are still researching how to achieve healthy and balanced diets, China has already evolved to the point where it does not matter whether you are actually eating food, as long as you can swallow it. There is no need for cooking, chewing or making decisions — just tear open a package, add some hot water and in a short three minutes you have something that can keep you alive for at least another six hours. This is not science fiction — it is reality.
A foreign colleague of mine asked me recently, “What is a safe distance from potential People’s Liberation Army (PLA) Rocket Force’s (PLARF) Taiwan targets?” This article will answer this question and help people living in Taiwan have a deeper understanding of the threat. Why is it important to understand PLA/PLARF targeting strategy? According to RAND analysis, the PLA’s “systems destruction warfare” focuses on crippling an adversary’s operational system by targeting its networks, especially leadership, command and control (C2) nodes, sensors, and information hubs. Admiral Samuel Paparo, commander of US Indo-Pacific Command, noted in his 15 May 2025 Sedona Forum keynote speech that, as
In a world increasingly defined by unpredictability, two actors stand out as islands of stability: Europe and Taiwan. One, a sprawling union of democracies, but under immense pressure, grappling with a geopolitical reality it was not originally designed for. The other, a vibrant, resilient democracy thriving as a technological global leader, but living under a growing existential threat. In response to rising uncertainties, they are both seeking resilience and learning to better position themselves. It is now time they recognize each other not just as partners of convenience, but as strategic and indispensable lifelines. The US, long seen as the anchor
Kinmen County’s political geography is provocative in and of itself. A pair of islets running up abreast the Chinese mainland, just 20 minutes by ferry from the Chinese city of Xiamen, Kinmen remains under the Taiwanese government’s control, after China’s failed invasion attempt in 1949. The provocative nature of Kinmen’s existence, along with the Matsu Islands off the coast of China’s Fuzhou City, has led to no shortage of outrageous takes and analyses in foreign media either fearmongering of a Chinese invasion or using these accidents of history to somehow understand Taiwan. Every few months a foreign reporter goes to
RSS