China Complains About US Cyber Attacks

Uploaded on 2024-12-31 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, FREE TO VIEW

The National Computer Network Emergency Response Technical Team/Coordination Centre of China (CNCERT/CC) says it has identified two major cyber espionage campaigns undertaken by the US cyber spies that hacked Chinese technology companies with the aim to steal trade secrets. 

In a statement,CNCERT/CC said that an advanced materials design and research unit and a large-scale high-tech company focused on intelligent energy and digital information were "suspected of being attacked by a US intelligence agency". 

These attacks, aimed at stealing commercial secrets and intellectual property, have had the effect of raising serious concerns over Chinese national cyber security. The intrusion, which lasted for four months from April to August 2024, allowed the US attackers to maintain a persistent presence on the organisation’s network for intelligence-gathering purposes.

Several major US organisations in the telecoms sector have been to attacked by suspected Chines nation-state hackers, variously known as Salt Typhoon and Volt Typhoon and would appear that the US has directed its spy agencies to go on the offensive.

  • In the case of the advanced material design and research organisation, China claims that US attackers exploited a vulnerability in widely used electronic document security management system. According to the CNCERT/CC website “the attackers exploited a vulnerability in a certain electronic document security management system in China to invade the software upgrade management server deployed by the company, and delivered control Trojans to more than 270 hosts of the company through the software upgrade service, stealing a large amount of commercial secrets and intellectual property of the company.”
  • In a second case, dating from May 2023, a leading company in China’s smart energy and digital information sector became a victim of continuous cyber attacks. Investigation findings indicate that attackers exploited vulnerabilities in Microsoft Exchange servers and used multiple overseas locations to execute their campaign, which enabled them and to take control of the company’s email server, implant backdoor programs, and exfiltrate email data. 

According to reports. the US attackers were able to exploit the compromised email server to infiltrate many more additional devices belonging to the company, enabling the attackers to extract a large amount of sensitive commercial data.

These incidents highlight the growing threat of cyber espionage against Chinese technology companies and institutions. CNCERT/CC has urged organisations across the country to strengthen their cyber security measures, apply timely software patches, and adopt robust monitoring  to defend against evolving foreign threats.

CNCERT/CC    |    China Daily   |    Reuters   |    CybersecurityNews   |   CyberScoop

Image: Ideogram

You Might Also Read: 

Cybersecurity, Volt Typhoon & The Grid:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« IoT Devices Infected With Pre-Installed Malware
Hackers Deploy Malicious Chrome Extensions »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyverse

Cyverse

Cyverse is a cyber-security firm which provides corporations with state-of-the-art cyber-security service-based and technological solutions made in Israel.

IBLISS Digital Security

IBLISS Digital Security

How cyber-resilient is your business now? We help companies to continuously answer this never-ending C-level question.

CYE

CYE

Utilizing data, numbers, and facts, CYE helps security leaders know what business assets are at risk and execute cost-effective remediation projects for optimal risk prevention.

Liquid Technology

Liquid Technology

Liquid Technology provide DOD- and NIST-compliant data destruction and EPA-compliant e-waste disposal and recycling services throughout North America, Europe and Asia.

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center is dedicated to combating adversaries who desire to harm our citizens, our government, and our industry through cyber-attacks.

Risk Ledger

Risk Ledger

Risk Ledger is improving the security of the global supply chain ecosystem, reducing the number of data breaches experienced through supply chain attacks by companies and consumers alike.

xMatters

xMatters

xMatters is a digital service availability platform that helps enterprises prevent, manage, and resolve IT incidents before they can become business problems.

Argentra

Argentra

Argentra is a specialist engineering company, we have years of experience developing custom security software and providing security risk consulting.

SECUINFRA

SECUINFRA

SECUINFRA has been supporting companies in detecting, analyzing and defending against cyber attacks since 2010.

1Touch.io

1Touch.io

1touch.io Inventa is an AI-based, sustainable data discovery and classification platform that provides automated, near real-time discovery, mapping, and cataloging of all sensitive data.

443ID

443ID

443ID brings OSINT data to Identity Security professionals on any digital platform.

Anjuna Security

Anjuna Security

Software from Anjuna Security effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud.

Prembly

Prembly

Prembly are a compliance and security infrastructure company.

ExactTrak

ExactTrak

ExactTrak provide embedded cyber security solutions for your digital devices – whenever and wherever you need them.

Defence Logic

Defence Logic

Defence Logic is a cyber security company serving clients in many business sectors. Our consultancy services include Penetration Testing, Security Reviews and Monitoring.

Creative Network Innovations (CNI)

Creative Network Innovations (CNI)

Creative Network Innovations is a leader in providing advanced IT and cybersecurity solutions.