China- A Leader In Vulnerability Exploitation

Picture of Anita Mulchandani

Be it the security teams working for the government or businesses or be it the companies that provide Cybersecurity as a service, it has been difficult to be in this game and come out unaffected. Since the beginning of 2020, the enormous disruption caused by Covid, it has been a harsh time for those who are in the process of stopping cyberattacks from China.

What has China done to become a Leader in Vulnerability Exploitation?

China deployed vulnerability exploits at a much higher rate in 2021 compared to 2020. The infamous Wicked Panda along with other China’s cyber threat actors had published two vulnerabilities in 2020 named CVE-2020-14882 (Oracle WebLogic) and CVE-2020-10189 (Zoho ManageEngine). 

China vulnerability exploitation 2021 statistics suggested 12 exploitation of vulnerabilities published in 2021 which affected nine products, meaning 6 times increment in exploitation when compared to China vulnerability exploitation 2020

In the past, Chinese malicious actors had exploited vulnerabilities through user interaction. These explorations came under the guise of important documents or other files attached to emails. They also exploited through websites that hosted malicious code, all they needed was to be visited once by the user. 

In 2021, Chinese hackers started deploying their exploits with a complete focus on vulnerabilities that were found in internet facing devices and services. A much more sophisticated manner of cyberattacks from China used a series of vulnerabilities called ProxyLogon and ProxyShell in Microsoft Exchange. These vulnerabilities allowed the hackers to launch brazen data breaches in organizations worldwide.  

How is China emerging as a Cyberpower?

China as an emerging cyberpower exploited VPNs and routers for acquiring infrastructure and initial access. These hackers have been exploiting various products for initial access including GitLab.1, Atlassian Confluence, and Zoho ManageEngine.
Sophisticated cyberattacks and malicious activities carried out by China in 2021 have brought forward a high range of exploitation and acquisition capabilities. The CrowdStrike threat report shows that within the community of Chinese hackers, the Tianfu Cup hacking competition has presented a noteworthy talent of exploitation development.

What lesson should we learn from Cyberattacks?

Cyberattacks like these help us understand that in today's world, not being protective enough of your system infrastructure and implementing the right cybersecurity solutions in place can lead to a massive loss. Not just financial loss, but the loss of data which can become a major cause of losing your company’s reputation and trust. Small to medium sized enterprises (SMEs) get affected by such cyberattacks to an extent that bouncing back becomes an unachievable task. For enterprises like these, there are offshore services offered by Cybersecurity companies. One of such companies is Cyberware.AI.

Cyberware.AI understands your specific cybersecurity needs and offers sophisticated tools and technical expertise to protect your company from cyber threats. From vulnerability assessment to vulnerability management, it offers all the services you need along with security awareness training.

To know more about the services offered by Cyberware.AI, you can email at:


Cyberware AI is a leading-edge cybersecurity firm that is disrupting the industry with our comprehensive, multi-tiered approach to safeguarding assets for small and medium-sized businesses (SMBs). Cyberware AI’s unique engagement model allows us to provide enterprise-level security at a price point affordable to SMBs. For more, contact