China Complains About US Cyber Attacks

Uploaded on 2024-12-31 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, FREE TO VIEW

The National Computer Network Emergency Response Technical Team/Coordination Centre of China (CNCERT/CC) says it has identified two major cyber espionage campaigns undertaken by the US cyber spies that hacked Chinese technology companies with the aim to steal trade secrets. 

In a statement,CNCERT/CC said that an advanced materials design and research unit and a large-scale high-tech company focused on intelligent energy and digital information were "suspected of being attacked by a US intelligence agency". 

These attacks, aimed at stealing commercial secrets and intellectual property, have had the effect of raising serious concerns over Chinese national cyber security. The intrusion, which lasted for four months from April to August 2024, allowed the US attackers to maintain a persistent presence on the organisation’s network for intelligence-gathering purposes.

Several major US organisations in the telecoms sector have been to attacked by suspected Chines nation-state hackers, variously known as Salt Typhoon and Volt Typhoon and would appear that the US has directed its spy agencies to go on the offensive.

  • In the case of the advanced material design and research organisation, China claims that US attackers exploited a vulnerability in widely used electronic document security management system. According to the CNCERT/CC website “the attackers exploited a vulnerability in a certain electronic document security management system in China to invade the software upgrade management server deployed by the company, and delivered control Trojans to more than 270 hosts of the company through the software upgrade service, stealing a large amount of commercial secrets and intellectual property of the company.”
  • In a second case, dating from May 2023, a leading company in China’s smart energy and digital information sector became a victim of continuous cyber attacks. Investigation findings indicate that attackers exploited vulnerabilities in Microsoft Exchange servers and used multiple overseas locations to execute their campaign, which enabled them and to take control of the company’s email server, implant backdoor programs, and exfiltrate email data. 

According to reports. the US attackers were able to exploit the compromised email server to infiltrate many more additional devices belonging to the company, enabling the attackers to extract a large amount of sensitive commercial data.

These incidents highlight the growing threat of cyber espionage against Chinese technology companies and institutions. CNCERT/CC has urged organisations across the country to strengthen their cyber security measures, apply timely software patches, and adopt robust monitoring  to defend against evolving foreign threats.

CNCERT/CC    |    China Daily   |    Reuters   |    CybersecurityNews   |   CyberScoop

Image: Ideogram

You Might Also Read: 

Cybersecurity, Volt Typhoon & The Grid:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« IoT Devices Infected With Pre-Installed Malware
Hackers Deploy Malicious Chrome Extensions »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

Harel Mallac Technologies

Harel Mallac Technologies

Harel Mallac Technologies is a Mauritian organisation that has developed a strong network of ICT specialists with nodes across the African continent.

TeskaLabs

TeskaLabs

TeskaLabs is a software vendor of cybersecurity and data privacy products.

Ntirety

Ntirety

Ntirety Managed Security Services offer enterprise businesses the advanced tools, processes, and support to ensure your infrastructure, networks, and mission-critical applications are secure.

Jobsite

Jobsite

Jobsite is an award winning job board in the UK providing job listings in the key sectors of IT, Engineering and Finance.

Ackcent Cybersecurity

Ackcent Cybersecurity

Ackcent's mission is to help our clients to protect their critical digital assets by providing them with a portfolio of specialised professional services.

Unlimited Technology

Unlimited Technology

Unlimited Technology offers a wide range of talent and experience, from assessing your requirements to implementing technologically advanced security solutions to best fit your needs.

Senserva

Senserva

Senserva delivers a deep analysis for security user accounts and applications within the Microsoft cloud environment.

Pelta Cyber Security

Pelta Cyber Security

Pelta Cyber Security is the cyber security consulting and solutions division of Softworld Inc. We provide staffing and recruitment services as well as consulting and solutions for outsourced projects.

Contechnet Deutschland

Contechnet Deutschland

Contechnet Deutschland started as a specialist in the area of IT disaster recovery and has since broadened its portfolio into information security and data protection.

Naq Cyber

Naq Cyber

Naq is the number one platform for SMEs looking to become legally compliant and protect against cybercrime and other data-related incidents.

Atlantic Data Security

Atlantic Data Security

Atlantic Data Security is skilled in the analysis, recommendation, deployment, and management of all critical components of the security infrastructure.

Pangu Laboratory

Pangu Laboratory

Beijing Qi an Pangu Laboratory Technology Co., Ltd. was established on the basis of Pangu laboratory, a well-known cyber security team.

63Sats Cybertech

63Sats Cybertech

63SATS is the cybersecurity business unit of 63 Moons Technologies, a world leader in providing next-generation technology ventures, innovations, platforms, and solutions. 

Cyber Security Certification Australia (CSCAU)

Cyber Security Certification Australia (CSCAU)

CSCAU is the world’s first 'for mission' industry council set up to address small and medium-sized business (SMB) cyber resilience through annually updated certifiable standards.

Dynamic Standards International (DSI)

Dynamic Standards International (DSI)

Dynamic Standards International is a global standards development organization which develops certifiable ‘dynamic standards’ that pace with fast-evolving landscapes.