The Chinese cybersecurity authority is blaming the US for two cyberattacks against large Chinese tech companies aimed at stealing trade secrets. The allegations were dropped at the same time as the US launched an investigation into TP-Link routers.
The CNCERT/CC (the National Computer Network Emergency Response Technical Team/Coordination Center of China) said it “handled two incidents.”
Since August 2024, a Chinese advanced materials design research unit has been attacked “by a suspected US intelligence agency.” According to the statement, an analysis revealed that the attackers exploited a vulnerability in a domestic electronic document security management system to infiltrate the company's software update management server.
Allegedly, 270 company hosts were infected with trojans through the software update service, leading to the theft of “large amounts of trade secrets and intellectual property.
Another cyberattack started in May 2023, when a large Chinese high-tech company specializing in smart energy and digital information was also targeted by a “suspected US intelligence agency.”
In this cyberattack, hackers used multiple overseas relay points to exploit Microsoft Exchange vulnerabilities. They infiltrated and gained control of the company’s mail server, and implanted backdoor programs to continuously steal email data, the statement alleges.
“Additionally, the attackers used this mail server as a springboard to attack and control over 30 devices belonging to the company and its subsidiaries, stealing large amounts of trade secret information,” the automatic translation of the statement reads.
Chinese state media widely disseminated this statement, the South China Morning Post reported.
It’s common for Chinese agencies to respond to various US allegations with the ones of their own. Following the FBI-led bust of the China-linked threat actor Volt Typhoon-controlled WiFi router network, a Chinese national cyber defense agency released three reports claiming that US intelligence agencies crafted the Volt Typhoon narrative “to win public support and pressure policymakers to allow the extension of invasive US surveillance powers.”
When the White House officials disclosed a Chinese cyber-espionage operation against its telecoms, the Chinese embassy in Washington said “The US needs to stop its own cyberattacks against other countries and refrain from using cybersecurity to smear and slander China.”
The latest US investigation against TP-Link, an Amazon bestselling WiFi router producer, follows reports that the company’s devices had been linked to Chinese cyberattacks.
Your email address will not be published. Required fields are markedmarked