Security experts: Mainland a major cybercrime target

Despite a ready embrace of the mobile-first approach to technology, businesses and consumers on the mainland have emerged as major targets of cybercrime.

"Cyberattacks in the mainland have grown considerably over the past 12 months, with the growth in attacks outpacing the growth in transactions," said Vanita Pandey, vice-president of product marketing and strategy at ThreatMetrix, a US-based security technology company.

As data from ThreatMetrix showed, the mainland saw a 50 percent surge in cyberattacks year-on-year in the second quarter of 2017.

"This underscores the fact that fraudsters are increasingly targeting mainland businesses and consumers who rely heavily on connected devices to conduct daily interactions across a wide range of industries," she noted.

In the second quarter of the year, a whopping 80 percent of online transactions in the mainland were executed through mobile devices, according to data from digital consulting company China Internet Watch. Such a mobile-first mindset bolsters the country's $195 billion mobile shopping market that recorded a 46 percent growth year-on-year in the second quarter.

The mobile craze leads to a spectacular takeoff of the "sharing economy", whose market value hit more than $300 billion in the mainland last year, with more than 50 million people－roughly 5.5 percent of the nation's workforce－employed in this booming sector, according to a report from the National Development and Reform Commission.

"Many of the brand-new businesses are interwoven into the fabric of mainland consumers' everyday lives, with transactions increasingly mobile only and coming with a set of expectations on the users' part about the service they expect in return," Pandey said.

Case in point: Ride-sharing－a transportation revolution that took the Chinese mainland by storm but also caused a huge headache for policymakers.

"Though taxi ride-sharing giant Didi Chuxing took merely three years to secure half of the market share, we have seen two very unique types of cyberattack patterns here," Pandey told China Daily.

For businesses operating in mainland, the attack vectors are usually device spoofing, in which fraudsters try to mock devices and locations to create fake trips to make money, or propagate two-party fraud, in which fraudsters use a "fake driver" account to go with a customer using stolen credentials.

Other attack vectors include fraudsters taking trips using stolen cards, she added.

As regulators in major jurisdictions are looking to strike up a delicate balance between the adoption of internet of things and cybersecurity, Pandey believed human errors would continue to provide a big entry point for cybercriminals, as in many cases, the adoption of new technology outpaces people's true understanding of its implications or workings.

"Nowadays, cybercrime really evolves into a fully functioning industry, whose handsome returns but low risk lure a mixture of nation states, globally networked fraud rings and opportunistic lone wolf perpetrators," Pandey said. "In this ever-changing threat landscape, it is critical for regulators and businesses to have a solution that is able to evolve."