In a recent report by the Certification and Accreditation Administration of the People’s Republic of China (cert), it was disclosed that there have been two major cyber attacks targeting leading Chinese enterprises in the field of high technology. The attacks, believed to have originated from US intelligence agencies, were not only aimed at disrupting operations but also involved the theft of commercial secrets and intellectual property.
One of the incidents took place in August 2024, where a research institute specializing in advanced materials was compromised. The attackers exploited a vulnerability in the electronic document management system’s security protocols to gain access to the software control server. This allowed them to infect over 270 devices with malware, resulting in a significant data breach that included valuable research findings and commercial data.
Another cyber intrusion occurred in May 2023, targeting a major corporation in the intellectual energy and digital technologies sector. The hackers exploited a vulnerability in Microsoft Exchange to gain initial access. By using intermediary servers located outside of China, the attackers breached the company’s email server and planted malicious software, enabling unauthorized access to corporate communications.
Subsequently, the compromised server was utilized to launch attacks on other systems within the company, affecting more than 30 devices, including those belonging to subsidiary entities. This led to the theft of a substantial amount of data, including confidential commercial information.
Experts analyzing the incidents have pointed out the targeted and sophisticated nature of the attacks, indicating a high level of expertise and training among the individuals involved in executing these cyber intrusions.