Major Security Breach at Chinese Supercomputing Center
A significant cybersecurity incident has reportedly occurred at China's National Supercomputing Center in Tianjin, where a hacker allegedly stole massive amounts of sensitive information and is now attempting to sell the data online. Security experts have described this as potentially the largest known hacking of sensitive information from China, with the stolen dataset believed to contain over 10 petabytes of confidential material.
Stolen Data Includes Defence Secrets
The alleged hacker, operating under the Telegram account name "FlamingChina," has reportedly shared portions of the stolen information online and claims the data includes research across multiple critical fields. According to cybersecurity consultant Dakota Cary of SentinelOne, who has examined the sample data, the stolen information appears to be exactly what one would expect from a supercomputing center.
The compromised data reportedly includes:
- Top-secret defence documents marked "secret" in Chinese
- Technical diagrams of missile systems and defence equipment
- Aerospace engineering research and military studies
- Bioinformatics data and fusion simulation research
- Information linked to Chinese aviation industry and defence technology organisations
Months-Long Unnoticed Access
Cyber experts who have communicated with the alleged hackers and reviewed the data suggest the breach occurred over several months without detection. The hackers reportedly gained access to the supercomputer system and extracted information gradually, avoiding security protocols that might have alerted authorities to their activities.
The "FlamingChina" group has offered previews of the supposedly stolen information for thousands of dollars, according to reports. Cary noted that the breadth of samples released by the sellers demonstrates the wide range of customers served by the supercomputing center, which typically handles large computational tasks for various organisations.
Global Cybersecurity Concerns
This incident comes amid heightened global cybersecurity concerns, with the UK's National Cyber Security Centre recently warning about elite Russian hackers targeting routers commonly used in Britain. The NCSC advisory indicated that Russian state-linked hacker group APT28 has been exploiting vulnerable internet routers to enable Domain Name System hijacking operations.
Paul Chichester, NCSC's director of operations, emphasized the seriousness of such vulnerabilities, stating: "This activity demonstrates how exploited vulnerabilities in widely used network devices can be leveraged by sophisticated hostile actors. We strongly encourage organisations and network defenders to familiarise themselves with the techniques described in the advisory and to follow the mitigation advice."
The Russian hacking group's activities reportedly involve quietly rerouting users' internet traffic through malicious servers under their control, enabling them to intercept traffic and harvest login credentials including passwords and access tokens from personal web and email services.
The Chinese supercomputer breach represents a significant escalation in cyber threats targeting critical infrastructure and sensitive government research facilities. Security analysts are monitoring the situation closely as the alleged hackers continue their attempts to monetize the stolen information through online channels.
