By Matt Underwood It’s quite interesting to observe how global events, even something as joyous as the Lunar New Year, can have a tangible impact on the cybersecurity landscape. Recent reports, notably from a U.S. cybersecurity firm, have highlighted a significant drop in cyberattacks targeting Japan during the recent Lunar New Year holidays. This decrease, which saw phishing attacks, particularly those disguised as emails from reputable large corporations, plummet by over 70 percent, suggests a correlation that’s hard to ignore.
The prevailing thought is that these attacks, which often originate from China, may be systematically scaled back during this period because the individuals behind them are also observing the holiday. It’s a rather humanizing perspective, really; even those engaging in illicit digital activities might appreciate some downtime. This finding hints at the idea that hackers, much like the rest of us, might acknowledge and take part in significant cultural celebrations like the Lunar New Year.
The nature of these attacks, described as potentially systematic and organized, leads to the conclusion that they are likely the work of criminal groups operating as a business rather than being directly state-sponsored or involving military actors. This distinction is important, as it frames the motivations behind the cyber threats as primarily economic, albeit illicit. The idea that these are organized criminal enterprises, repeatedly executing these campaigns, makes sense when you consider the scale and persistence of phishing attempts.
The Lunar New Year is a widely celebrated festival across many East and Southeast Asian countries, including China, Vietnam, South Korea, North Korea, Singapore, Malaysia, Indonesia, Brunei, and the Philippines, as well as in regions like Taiwan, Tibet, and Mongolia. While sometimes referred to colloquially as “Chinese New Year,” it’s crucial to remember its broader cultural significance. The observation that attacks from China decreased during this period is a strong indicator of its influence on the attackers’ activities.
It’s also been noted that this phenomenon isn’t entirely unique to the Lunar New Year. Similar patterns have been observed during Japan’s Golden Week holiday, where cyberattacks directed at China also show a noticeable decline. This reciprocal observation strengthens the argument that major holiday periods, regardless of their origin, tend to see a reduction in coordinated cyber activity.
The concept of holidays in China often involves a consolidated break, leading to mass travel and crowded destinations. This collective vacation period means that a significant portion of the population is on leave simultaneously. While this might be a desired break, the reality for many can involve extensive travel and waiting times, making it less of a relaxing holiday and more of a logistical challenge.
Some have wryly suggested that North Korea might be responsible for the remaining percentage of attacks, jokingly implying they don’t get much time off. However, the overarching pattern points towards the broader cultural observance of the Lunar New Year as the primary driver for the decline in attacks originating from China.
The notion of organized business and its connection to the political structure in China has also been brought up, with the observation that larger organizations often have a Chinese Communist Party (CCP) committee. This adds a layer of complexity to understanding the operations of businesses, and by extension, the activities that might stem from them. The experience of receiving numerous connection requests from Chinese and Indian IP addresses, alongside relentless bot attempts after a password leak, paints a picture of persistent, high-volume cyber activity from these regions.
In a related business development, a Chinese company’s recent lawsuit by a Taiwanese court for allegedly stealing trade secrets from TSMC underscores the competitive and sometimes contentious nature of business and technological advancement in the region. This highlights the importance of intellectual property protection and the global reach of corporate activities.
The way holidays are often structured in China, with compensatory workdays, means that while there are extended breaks, they are often balanced by working on weekends. This cultural practice, while facilitating longer periods of time off, involves a different approach to work-life balance compared to other countries.
Ultimately, the reduction in cyberattacks against Japan during the Lunar New Year holidays is a compelling data point. It suggests that even in the realm of cybercrime, cultural practices and holiday observances can play a significant role in dictating operational tempo. While the precise reasons and contributing factors are multifaceted, the correlation is clear and provides an interesting insight into the human element that may persist even in the digital frontier.