Thursday, January 23, 2025
HomeCyber AttackUSA Launched Cyber Attack on Chinese Technology Firms

USA Launched Cyber Attack on Chinese Technology Firms

Published on

SIEM as a Service

Follow Us on Google News

The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage targeting Chinese technology companies and research institutions.

These attacks, suspected to be orchestrated by U.S. intelligence agencies, aimed to steal sensitive commercial secrets and intellectual property, raising alarm over the growing sophistication of cyber threats.

Targeting Advanced Material Design Companies

One of the recent cases involved a prominent advanced material design and research organization in China. Since August 2024, the company has been subjected to a highly sophisticated cyber attack.

Analysts discovered that attackers exploited a vulnerability in an electronic document security management system widely used across the country.

According to CNIE’s investigation, the attackers infiltrated the company’s software upgrade management server, using it to deploy control Trojans to over 270 hosts across the organization.

This breach allowed the cybercriminals to steal substantial amounts of sensitive commercial secrets and intellectual property.

CNIE officials stated in their analysis: “The attackers exploited a vulnerability in a certain electronic document security management system to invade the software upgrade management server and delivered control Trojans through the compromised software upgrade service.”

Major Breach in Smart Energy and Digital Information Sector

A separate case, dating back to May 2023, targeted one of China’s leading enterprises in the smart energy and digital information sector.

Investigators revealed that attackers exploited vulnerabilities in Microsoft Exchange servers, leveraging multiple overseas springboards to execute their campaign.

This attack enabled perpetrators to gain control over the company’s email servers, implant backdoors, and systematically steal email data.

The attackers further infiltrated over 30 devices, both within the company and its subsidiaries, exfiltrating vast amounts of sensitive commercial information.

These incidents come against the backdrop of increasing accusations of state-sponsored cyber operations between China and the United States.

Earlier this year, a large U.S. organization with operations in China endured a four-month-long cyber intrusion, allegedly executed by China-based hackers.

Analysts have suggested that the recent attacks on Chinese firms could represent retaliation, escalating the cybersecurity tensions between the two nations.

The CNIE has issued an urgent call for Chinese organizations to bolster their cybersecurity defenses amidst the increasing threat landscape.

Measures such as timely software updates, enhanced monitoring mechanisms, and robust vulnerability management have been recommended as critical steps to mitigate risks.

“These revelations underline the importance of a proactive approach to cybersecurity, as well as international cooperation to address and manage these threats,” a CNIE spokesperson said, emphasizing the need for accountability in combating malicious cyber activities.

With the rapid evolution of cyber espionage tactics, Chinese institutions must remain vigilant.

These campaigns serve as a stark reminder that no software or system is impervious to exploitation, reinforcing the importance of stringent cybersecurity practices in an era defined by digital warfare.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular...

New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies

The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing...

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular...

New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies

The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing...

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...