A Chinese cybersecurity body has accused the United States of carrying out cyberattacks and stealing business secrets from a research centre and a data company as the American government launched a national security investigation into Chinese router company TP-Link.
The National Computer Network Emergency Response Technical Team/Coordination Centre of China, a non-governmental body that monitors cybersecurity threats, said in a statement on Wednesday that it had found and “dealt with” these attacks.
The statement was widely carried by state media.
Since August, an advanced material design research unit has been targeted in suspected cyberattacks by American intelligence agencies, it said.
An analysis showed that the attacker used a breach in an electronic document security management system to invade the company’s server and sent a Trojan horse virus to more than 270 hosts through a software upgrade service, the statement said, adding that the virus took control of these hosts and stole commercial secrets.
Another attack took place in May 2023, according to the centre. The attacker used a breach in Microsoft Exchange software to invade the email server of a large hi-tech enterprise specialising in smart energy and digital information.
The attacker implanted back-door programs in the company’s server and stole email data, then attacked and took control of more than 30 devices to steal commercial secrets, the centre said.