Chinese intelligence can easily access Estonian residents' data via apps

In its recently published cyber security yearbook, the Estonian Information System Authority (RIA) states that China poses a threat to Western countries with cyber-attacks, the creation of technological dependency and data collection. The Chinese intelligence services also have access to the personal data of Estonian citizens via Chinese-made technology and applications.
RIA recorded a record 6,515 cyber incidents with an impact in Estonia in 2024. A record 40,287 security breaches were recorded worldwide.
Hackers infiltrated U.S. telecoms companies, authorities in Romania had to cancel the first round of presidential elections, and the global economy was rocked by major data leaks and software bugs.
Cyber threats from China also on the rise
"China's ambition to become the world's leading power by 2050 is being helped by its cyber groups. The cyber threats from China can be divided into three categories: cyber-attacks, technological dependency and data proliferation in China," states RIA's cyber security yearbook.
The agency stressed that China-linked groups are in all likelihood the most capable and sophisticated operatives. "For example, U.S. Senator Mark Warner has pointed out that the activities of China-linked actors are so serious that they make Russia's seem like child's play. Compared to Russia, the Chinese often operate more covertly because their goal is not to degrade services, but cyber espionage or pre-positioning."
China collects personal data using both TikTok and electric cars
RIA senior analyst Nikolai Kunitsõn told ERR that China is a very cyber-capable country. "The cyber capabilities of this country are, for example, rated by the Americans as the number one cyber threat in the world. Last year's attacks by Chinese hackers against American telecom companies demonstrate their capabilities."
When it comes to Estonia, China is interested in state institutions, critical infrastructure, technology companies and higher education institutions, but from the point of view of the average consumer, it is human data, Kunitsõn said. "The main problem is that we don't know exactly what China does with people's personal data."
Unlike European Union law, Chinese law requires all companies to share with their state, including the intelligence services, any data that the company collects and holds.
"If we take the example of the TikTok app, or the BYD electric car, they collect extensive data on individuals and send it to servers in China," Kunitsõn said. "We don't know exactly what is being done with that data there, but because it is accessible to the Chinese state intelligence service, it could be used, for example, to train artificial intelligence, which is what the Foreign Intelligence Service has highlighted in its report."
"In a nutshell, from the point of view of the average consumer, it is primarily a question of how much they value their privacy and whether they want China to use their personal data to develop its technology," Kunitsõn added.
Kunitsõn stressed that a person's data is their own personal property and if that data is leaked, the risk of becoming a victim of cyber fraud increases. "If their data is out there and is available to others, if it is leaked, then it is easier to phish people out, so to speak, in order to send them more specific fraudulent calls and emails."
China gained access to Trump and Harris team calls
RIA's report states that while there are many cyber groups linked to China, it is important to highlight three distinct "typhoons".
In the fall of 2024, U.S. authorities reported that China-linked group Salt Typhoon had managed to infiltrate the systems of American telecoms companies. This gave them access to voice logs, unencrypted text messages and even calls from President Donald Trump and presidential candidate Kamala Harris' teams.
Another group, Flax Typhoon, has gained control of several hundred thousand devices around the world, creating an army of so-called zombie devices, or botnets, the agency notes.
The third typhoon, Volt Typhoon, is hiding inside America's critical infrastructure, and according to the White House, their goal there is not so much to steal data as to be ready to disrupt vital services (water, communications, heating, etc.) should China need it.
Chinese groups suspected in three major international attacks
According to RIA, the hacking by Salt Typhoon began in the spring of 2024 and is still ongoing. Publicly available information shows the group gained access to the networks of at least 80 telecom companies around the world in what is considered one of the worst cyber-attacks in history. The attackers also managed to break into Donald Trump's phone. American government authorities suspect that unencrypted text messages (such as SMS) along with other data were accessed. Further investigations are ongoing and the extent of the damage caused currently remains unknown.
Flax Typhoon infected more than 200,000 devices (routers, surveillance cameras, etc.), forming a 'botnet' that was used to carry out cyber-attacks.
The U.K. Ministry of Defense was also infiltrated by hackers, who stole the data of more than 270,000 current and former military personnel. The data included first and last names, bank details, addresses as well as other personal details. Chinese-linked actors are suspected of being behind the attack.
"Made in China"
"Your phone is probably made in China. If you have a robotic vacuum cleaner, it's probably made in China. And a hot air fryer. It's harder to find things in our homes and offices that aren't made in China than those that are," according to RIA.
While at first it may seem that goods made in China are cheaper and therefore beneficial to consumers, the picture is not so black and white. In fact, goods made in China cost less not only due to cheaper labor but also because of the Chinese state's support for its industry, the agency notes. This can, however, lead to a situation whereby companies in the rest of the world are unable to compete with Chinese firms and so we may one day find ourselves in a situation where services and products that are important to us are entirely dependent on Chinese producers.
For example, Elering pointed out in its security of supply report that one Chinese inverter manufacturer has a very large share in Estonian solar installations, which could lead to significant risks to security of supply. For instance, they could be more vulnerable to cyber-attacks, the data could be monitored by the Chinese state, and maintenance and procurement are dependent on a single manufacturer.
Household devices also transmit data to Chinese government
According to RIA, while many have heard reports that TikTok is spying on users and accessing their data, they do not feel alarmed.
"Data is a person's personal property and should be handled responsibly. The European General Data Protection Regulation (GDPR) regulates just that. However, Chinese law is different," the agency stated.
In fact, Chinese law obliges all companies to share their data with the state, as TikTok's CEO has publicly stated in court. "Apart from letting the Communist Party know which cat or dance videos you like, TikTok also collects data about your device, contacts, calendar, other apps, Wi-Fi connection, and so on. All this data will also be used to develop artificial intelligence in China."
The agency cited the example of an air fryer connected to the internet that sends the data it collects to China.
"China is one of the most powerful countries in the world, which has publicly challenged democracies and is trying to increase its influence in the cyber world through a range of different means," the agency said.
RIA recommends all institutions and businesses carefully assess the trustworthiness of their supply chain and that individuals also consider which applications and products they use.
RIA: Reverberations of China issue changing people's behavior
In the last few months of 2024, there were several stories in the Estonian media about China, including those related to cyber issues, the agency stated. Among the issues that received widespread coverage was that of whether the [government of the] Estonian capital should communicate on the Chinese government-controlled platform TikTok. This evolved into the question of whether the country should ban TikTok, which is used by the Chinese government to train AI.
Another major issue was the sale in Estonia of electric cars produced by Chinese company BYD, which are connected to servers in China, where data can be accessed by the country's authorities. There was also controversy over whether routers made in China are secure and whether or not they should be used.
"These were all very valid questions, similar to those asked in September to members of the Riigikogu's China Friendship Group, who visited the country partly on the hosts' dime. All this against the background of the Chinese friendship with our eastern neighbor, its behavior in light of the latest aggression against Ukraine and the maneuvers around Taiwan," the agency noted.
The RIA report also says the issues related to China will not disappear in 2025 or any time soon. "We believe that the red flags of caution will become increasingly entrenched in more and more minds."
"When products from one country are sharing everyone's data with that country's authorities, and that country is not exactly on the same side of the divide as us and our allies, it's worth thinking at least nine times about whether or not you should buy that new Chinese gadget or allow your child to download TikTok on their phone," RIA noted.
---
Editor: Valner Väino, Michael Cole