Security researchers on Wednesday said that hackers connected to the Chinese government have attempted to access sensitive information from dozens of global organizations.
Security firm Cybereason published research on a cyberattack believed to have had the goal of stealing sensitive proprietary information from technology and manufacturing companies mainly in East Asia, Western Europe and North America.
The group said it had “medium-high confidence” that the attack was linked to Winnti APT group, which specializes in cyber espionage and intellectual property theft and is believed to work for Chinese state interests.
In a statement, Cybereason CEO and co-founder Lior Div said the group made “intricate and extensive efforts” to garner information from the organizations.
“The most alarming revelation is that the companies weren’t aware they were breached, going some as far back as at least 2019, giving Winnti free unfiltered access to intellectual property, blueprints, sensitive diagrams and other proprietary data,” Div said.
The attack is thought by Cybereason to be “one of the largest IP theft campaigns of its kind coming from China.”
The security firm said it has briefed both the FBI and the Justice Department on the findings from its research.
When asked about the report, Chinese Embassy spokesperson Liu Pengyu told CNN that China “will never encourage, support or condone cyber attacks.”
“China opposes groundless speculation and accusations on the issue of hacker attacks,” Liu continued. “If the firm really care [sic] about global cyber security, they should pay more attention to the cyber attacks by the US government-sponsored hackers on China and other countries.”
Last month, China made other headlines for cybersecurity reasons after Beijing allegedly launched a major cyberattack on Ukraine’s military and nuclear facilities before Moscow invaded the country.
At that time, a report in a British newspaper, The Times, said that Ukraine’s security service had accused the Chinese government of attempting to hack over 600 websites connected to the government and other key institutions.