The China National Internet Emergency Center announced on the 18th that they have discovered two incidents where the U.S. conducted cyber attacks on large Chinese technology enterprises to steal trade secrets.
One of the cases reported on the website of the National Internet Emergency Center occurred this year. Since August 2024, an advanced materials design research unit in China has been subject to cyber attacks suspected to be from a U.S. intelligence agency.
The National Internet Emergency Center stated that the attackers exploited a vulnerability in a certain electronic document security management system within China to infiltrate the software upgrade management server deployed by the company. Through the software upgrade service, they delivered a control trojan to over 270 hosts of the company, stealing a large amount of trade secret information and intellectual property.
The other case occurred last year. Since May 2023, a large high-tech enterprise in China's smart energy and digital information sectors has been targeted in cyber attacks suspected to be from a U.S. intelligence agency.
The National Internet Emergency Center claimed that the attackers used multiple overseas proxies to exploit a Microsoft Exchange vulnerability, infiltrating and controlling the company's mail server and implanting backdoor programs to continuously steal email data. Furthermore, the attackers used this mail server as a proxy to attack and control over 30 devices of the company and its subsidiaries, stealing a large amount of trade secret information.