China Complains About US Cyber Attacks

Uploaded on 2024-12-31 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, FREE TO VIEW

The National Computer Network Emergency Response Technical Team/Coordination Centre of China (CNCERT/CC) says it has identified two major cyber espionage campaigns undertaken by the US cyber spies that hacked Chinese technology companies with the aim to steal trade secrets. 

In a statement,CNCERT/CC said that an advanced materials design and research unit and a large-scale high-tech company focused on intelligent energy and digital information were "suspected of being attacked by a US intelligence agency". 

These attacks, aimed at stealing commercial secrets and intellectual property, have had the effect of raising serious concerns over Chinese national cyber security. The intrusion, which lasted for four months from April to August 2024, allowed the US attackers to maintain a persistent presence on the organisation’s network for intelligence-gathering purposes.

Several major US organisations in the telecoms sector have been to attacked by suspected Chines nation-state hackers, variously known as Salt Typhoon and Volt Typhoon and would appear that the US has directed its spy agencies to go on the offensive.

  • In the case of the advanced material design and research organisation, China claims that US attackers exploited a vulnerability in widely used electronic document security management system. According to the CNCERT/CC website “the attackers exploited a vulnerability in a certain electronic document security management system in China to invade the software upgrade management server deployed by the company, and delivered control Trojans to more than 270 hosts of the company through the software upgrade service, stealing a large amount of commercial secrets and intellectual property of the company.”
  • In a second case, dating from May 2023, a leading company in China’s smart energy and digital information sector became a victim of continuous cyber attacks. Investigation findings indicate that attackers exploited vulnerabilities in Microsoft Exchange servers and used multiple overseas locations to execute their campaign, which enabled them and to take control of the company’s email server, implant backdoor programs, and exfiltrate email data. 

According to reports. the US attackers were able to exploit the compromised email server to infiltrate many more additional devices belonging to the company, enabling the attackers to extract a large amount of sensitive commercial data.

These incidents highlight the growing threat of cyber espionage against Chinese technology companies and institutions. CNCERT/CC has urged organisations across the country to strengthen their cyber security measures, apply timely software patches, and adopt robust monitoring  to defend against evolving foreign threats.

CNCERT/CC    |    China Daily   |    Reuters   |    CybersecurityNews   |   CyberScoop

Image: Ideogram

You Might Also Read: 

Cybersecurity, Volt Typhoon & The Grid:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« IoT Devices Infected With Pre-Installed Malware
Hackers Deploy Malicious Chrome Extensions »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Energy Sec

Energy Sec

EnergySec is a United States 501(c)(3) non-profit corporation formed to support energy sector organizations with the security of their critical technology infrastructures.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

SureCloud

SureCloud

SureCloud is a Governance, Risk and Compliance (GRC) and Cybersecurity Solutions provider.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

IBLISS Digital Security

IBLISS Digital Security

How cyber-resilient is your business now? We help companies to continuously answer this never-ending C-level question.

Cequence Security

Cequence Security

Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection.

Specops Software

Specops Software

Specops Software is a leading password management and authentication solution vendor.

Deepwatch

Deepwatch

The Deepwatch Platform helps organizations reduce risk through early and precise threat detection and remediation.

Infinite Ranges

Infinite Ranges

Infinite Ranges delivers secure, comprehensive digital solutions by connecting experts with the best products and services for the digital age.

Guardian Digital

Guardian Digital

Guardian Digital makes email safe for business. Threat-ready business email protection. Fully supported.

Firmus

Firmus

As the leading penetration testing services provider in Malaysia, Firmus evaluates the ability of your internal or external information assets to withstand attacks.

TheGreenBow

TheGreenBow

TheGreenBow is a trusted VPN software company. We help organizations and individuals become cyber-responsible. For this, we design and develop reliable and easy-to-use solutions.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

Hanwha Systems

Hanwha Systems

Hanwha Systems is a global company based in South Korea providing defense electronics and smart ICT solutions.

Boo Consulting

Boo Consulting

Boo Consulting is a trusted privacy and risk consultancy firm. We are driven to help you find an appropriate solution that will suit your budget and requirements.