A concept photo of cybersecurity Photo: VCG
The
mk National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT) said on Wednesday that it had identified and handled two incidents of US cyberattacks targeting major Chinese tech company and institution to steal commercial secrets.
One of the two incidents dates back to August 2024, when a Chinese advanced materials design and research institution was targeted in a suspected cyberattack by US intelligence agencies.
After analysis, it was found that the attackers exploited a vulnerability in an electronic document security management system in China to infiltrate the company's software upgrade management server. Through the software upgrade service, they delivered trojans to more than 270 of the company's computers, stealing significant amounts of commercial secrets and intellectual property.
Another incident dates back to May 2023, when a major Chinese high-tech company in the smart energy and digital information sector became the target of a suspected cyberattack by US intelligence agencies.
The attackers leveraged multiple overseas footholds and exploited a vulnerability in Microsoft Exchange to breach and gain control of the Chinese company's email server, implanting backdoor programs to persistently steal email data.
Moreover, the attackers were reported to leverage the compromised email server as a gateway to target and take control of more than 30 devices within the company and its subsidiaries, stealing a substantial amount of commercial secrets.
Global Times