Chinese Hackers Breached Afghan Telecom Company As US Withdrew

Breach could give China access to 'hugely valuable' user information

October 9, 2021

Chinese hackers breached a major Afghan telecommunications company as the United States withdrew from Afghanistan, an early sign of Beijing's attempt to gain a foothold in the country.

At least two China-backed hackers breached Afghan telecommunications giant Roshan earlier this year, according to a report from the Insikt Group, a cybersecurity research firm. Hacking groups ramped up their efforts in August and September, as U.S. troops began leaving the country. The breach could give China access to "hugely valuable" information about the network itself and high-value individuals who use it, the researchers said.

Afghanistan is the latest country where China has tried to expand its influence. In the United States, China has successfully pressured Nike, Apple, and the NBA to remain silent on Chinese human-rights abuses. Lithuanian government officials last month warned citizens not to buy Chinese phones after they were found to contain censorship tools. In Asia, China has used "debt-trap diplomacy," loaning money to smaller countries at devastating interest rates and seizing assets when those debts are not repaid.

China has spent $50 billion to $100 billion a year on its Belt and Road Initiative, which uses infrastructure projects to expand its influence in developing countries. But Afghanistan is an unlikely target for Belt and Road projects, given its remoteness, poverty, and instability. According to Center for Strategic and International Studies senior fellow Jonathan Hillman, China may see digital attacks as a more effective route to gaining a foothold in Afghanistan.

"The Chinese government may view Afghanistan's major telecom providers as an important avenue for collecting intelligence and monitoring political and security risks," Hillman told the Washington Free Beacon.

Such operations could help China monitor activity near Afghanistan’s border with the Xinjiang region, where the country maintains a network of concentration camps for its Uyghur ethnic minority. The Taliban has removed Uyghur militia fighters from the border, apparently as a favor to the Chinese government. Afghan Uyghurs worry they may be deported to China as the Taliban cements its control.

The researchers noted that China's intelligence apparatus is so large that the hacking groups likely did not coordinate with each other, suggesting there may have been multiple intelligence targets in the hack. One of the Chinese hacking groups was implicated in the March hack of Microsoft Exchange, which accessed the emails of hundreds of thousands of Americans.