China Accuses US Intelligence of Cyberattacks on Tech Giants
China’s CERT has reported two major cyberattacks targeting leading Chinese enterprises in the high-tech sector. The attacks are believed to have originated from U.S. intelligence operations and resulted in the theft of trade secrets and intellectual property.
In August 2024, one of the attacks targeted a research institute specializing in advanced materials development. Exploiting a vulnerability in the institute’s electronic document security management system, the attackers gained access to the software update management server. Through this system, malware was deployed to over 270 devices, leading to a massive data breach, including proprietary technologies and commercially sensitive information.
The second incident occurred in May 2023 and involved a prominent corporation in the fields of smart energy and digital technologies. The attackers exploited a vulnerability in Microsoft Exchange, using intermediary servers outside China to infiltrate the company’s email server. They installed malware that enabled continuous access to corporate communications.
Subsequently, the compromised server was used to launch attacks on other systems within the organization, affecting more than 30 devices, including the infrastructure of subsidiary entities. A substantial volume of data, including trade secrets, was stolen during the operation.
Experts have noted that these attacks were both highly targeted and technologically advanced, with their execution reflecting the professional expertise of those involved.