The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage targeting Chinese technology companies and research institutions.
These attacks, suspected to be orchestrated by U.S. intelligence agencies, aimed to steal sensitive commercial secrets and intellectual property, raising alarm over the growing sophistication of cyber threats.
Targeting Advanced Material Design Companies
One of the recent cases involved a prominent advanced material design and research organization in China. Since August 2024, the company has been subjected to a highly sophisticated cyber attack.
Analysts discovered that attackers exploited a vulnerability in an electronic document security management system widely used across the country.
According to CNIE’s investigation, the attackers infiltrated the company’s software upgrade management server, using it to deploy control Trojans to over 270 hosts across the organization.
This breach allowed the cybercriminals to steal substantial amounts of sensitive commercial secrets and intellectual property.
CNIE officials stated in their analysis: “The attackers exploited a vulnerability in a certain electronic document security management system to invade the software upgrade management server and delivered control Trojans through the compromised software upgrade service.”
Major Breach in Smart Energy and Digital Information Sector
A separate case, dating back to May 2023, targeted one of China’s leading enterprises in the smart energy and digital information sector.
Investigators revealed that attackers exploited vulnerabilities in Microsoft Exchange servers, leveraging multiple overseas springboards to execute their campaign.
This attack enabled perpetrators to gain control over the company’s email servers, implant backdoors, and systematically steal email data.
The attackers further infiltrated over 30 devices, both within the company and its subsidiaries, exfiltrating vast amounts of sensitive commercial information.
These incidents come against the backdrop of increasing accusations of state-sponsored cyber operations between China and the United States.
Earlier this year, a large U.S. organization with operations in China endured a four-month-long cyber intrusion, allegedly executed by China-based hackers.
Analysts have suggested that the recent attacks on Chinese firms could represent retaliation, escalating the cybersecurity tensions between the two nations.
The CNIE has issued an urgent call for Chinese organizations to bolster their cybersecurity defenses amidst the increasing threat landscape.
Measures such as timely software updates, enhanced monitoring mechanisms, and robust vulnerability management have been recommended as critical steps to mitigate risks.
“These revelations underline the importance of a proactive approach to cybersecurity, as well as international cooperation to address and manage these threats,” a CNIE spokesperson said, emphasizing the need for accountability in combating malicious cyber activities.
With the rapid evolution of cyber espionage tactics, Chinese institutions must remain vigilant.
These campaigns serve as a stark reminder that no software or system is impervious to exploitation, reinforcing the importance of stringent cybersecurity practices in an era defined by digital warfare.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free