When a Supercomputer is Hacked, China's Military Secrets Are Suspected to Have Been Exposed

A major hacking case has rocked China. A hacker claims to have breached one of the Chinese government’s supercomputers and stolen highly sensitive data.

The information claimed to have been stolen includes secret defence documents, missile designs, and military simulations. If this claim proves valid, the incident could be one of the largest data thefts to ever hit a state facility in China.

The facility reportedly targeted is the National Supercomputing Center (NSCC) in Tianjin.

This supercomputing centre, operational since 2009, plays a crucial role by serving over 6,000 clients across China, including scientific institutions and strategic defence agencies. From this centre, the perpetrator is reported to have extracted around 10 petabytes of sensitive data.

For context, 1 petabyte is equivalent to 1,000 terabytes. Thus, the total data allegedly stolen is roughly equal to the storage capacity of 10,000 laptops each with 1 TB of storage. This amount illustrates the massive scale of the reported breach.

In their claim, the data originates from NSCC’s important clients, such as the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defense Technology.

To gain full access to all the secret directories they control, the group is said to be demanding a ransom of up to hundreds of thousands of US dollars, payable in cryptocurrency.

Dakota Cary, a cybersecurity consultant from SentinelOne focused on the China region, stated that the circulating samples appear convincing.

The documents reportedly include files labelled secret in Mandarin, technical documents, and simulations of defence equipment such as bombs and missiles.

How could such a critical system be breached? According to Marc Hofer, a cybersecurity researcher who communicated with the perpetrator via Telegram, the attack began with a domain VPN that had previously been compromised.

Once inside, the perpetrators did not drain the data all at once. They utilised a botnet to extract, download, and store the data gradually and discreetly.

The process of stealing 10 petabytes of data is said to have lasted around six months without detection by the NSCC’s security systems.

Dakota Cary assesses that the method used is not particularly complex technically, but clever strategically. By breaking down the data extraction into small amounts across multiple different servers, the perpetrators managed to avoid triggering security alarms.

This case also spotlights cybersecurity issues in China. Amid the country’s ambitions to become a global leader in AI innovation and compete with the United States, data protection remains a frequent weak point, both in government environments and the private sector.

Previously, China has also been hit by major data breaches. In 2021, a database containing personal information of around 1 billion citizens was reportedly exposed for over a year. That breach only became public knowledge after an anonymous user offered it on a hacker forum in 2022.

As of this report, China’s Ministry of Science and Technology or the Cyberspace Administration of China (CAC) have not issued an official statement regarding the alleged breach of NSCC Tianjin.