Indonesian Political, Business & Finance News

Hacker Breaches China's Supercomputer, Missile Data Leaked

| By Reza Wahyudi | Source: KOMPAS Translated from Indonesian | Technology
Hacker Breaches China's Supercomputer, Missile Data Leaked
Image: KOMPAS

A large-scale hacking incident has rocked China. A hacker claims to have breached one of the Chinese government’s supercomputers. The stolen data includes highly classified defence documents, missile schematics, and military simulation designs. If proven true, this incident could be the largest known data theft from a Chinese state facility in history. NSCC Tianjin is a central control hub providing computing infrastructure services to over 6,000 clients across China, including various high-level scientific and defence institutions. From this vital facility, the hacker managed to siphon approximately 10 petabytes of sensitive information. As a rough illustration, one petabyte is equivalent to 1,000 terabytes. Imagine a high-spec laptop today, which typically comes with only about 1 terabyte of storage. Thus, the stolen data equates to the storage of 10,000 such laptops. The actor behind the hack is an anonymous group of hackers named FlamingChina. They have been selling a small sample of the data via Telegram since 6 February. The group claims the data originates from top NSCC clients, such as the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defense Technology. To gain full access to the entire secret directory, FlamingChina is demanding a ransom of hundreds of thousands of US dollars, with transactions required in cryptocurrency. Dakota Cary, a consultant at cybersecurity firm SentinelOne focused on the China region, has analysed the sample distributed by the hackers. He confirmed that the sample, containing documents labelled “secret” in Mandarin, technical files, and simulations of defence equipment like bombs and missiles, appears genuine. Marc Hofer, a cybersecurity researcher who communicated with the perpetrators on Telegram, revealed that the hackers initially gained entry through a compromised VPN (Virtual Private Network) domain. Once inside the system, the attackers did not immediately drain the data. They used a botnet to slowly extract, download, and store the data stealthily.

View JSON | Print