A hacker has allegedly stolen a huge trove of delicate data – together with extremely categorised protection paperwork and missile schematics – from a state-run Chinese supercomputer in what may probably represent the biggest identified heist of data from China.
The dataset, which allegedly comprises greater than 10 petabytes of delicate data, is believed by consultants to have been obtained from the National Supercomputing Center (NSCC) in Tianjin – a centralized hub that gives infrastructure companies for greater than 6,000 purchasers throughout China, together with superior science and protection businesses.
Cyber consultants who’ve spoken to the alleged hacker and reviewed samples of the stolen data they posted on-line say they appeared to acquire entry to the large pc with comparative ease and have been in a position to siphon out big quantities of data over the course of a number of months with out being detected.
An account calling itself FlamingChina posted a pattern of the alleged dataset on an nameless Telegram channel on February 6, claiming it contained “research across various fields including aerospace engineering, military research, bioinformatics, fusion simulation and more.”
The group alleges the data is linked to “top organizations” together with the Aviation Industry Corporation of China, the Commercial Aircraft Corporation of China, and the National University of Defense Technology.
NCS has reached out to China’s Ministry of Science and Technology in addition to the Cyberspace Administration of China for remark.
Cyber safety consultants who’ve reviewed the data say the group is providing a restricted preview of the alleged dataset, for hundreds of {dollars}, with full entry priced at tons of of hundreds of {dollars}. Payment was requested in cryptocurrency.
NCS can’t confirm the origins of the alleged dataset and the claims made by FlamingChina, however spoke with a number of consultants whose preliminary evaluation of the leak indicated it was real.
The alleged pattern data appeared to embrace paperwork marked “secret” in Chinese, together with technical recordsdata, animated simulations and renderings of protection tools together with bombs and missiles.
“They’re exactly what I would expect to see from the supercomputing center,” stated Dakota Cary, a marketing consultant at cybersecurity agency SentinelOne who focuses on China and has reviewed the samples positioned on-line from the alleged hack.
“You would use supercomputer centers for large computational tasks. The swath of samples that the sellers put out kind of really speaks to the breadth of customers that this supercomputing center had,” Cary stated.
Most of these clients would have little cause to preserve their very own supercomputing infrastructure independently, he added.
The Tianjin middle — the primary of its form in China when it opened in 2009 — is one of a number of supercomputing hubs positioned in main cities together with Guangzhou, Shenzhen, and Chengdu.
According to Marc Hofer, a cybersecurity researcher and writer of the weblog NetAskari, the scale of the dataset would make it enticing to adversarial state intelligence companies.
“Only they probably have the capacity to work through all this data and come back with something useful.”
To put the dimensions in perspective: one petabyte equals 1,000 terabytes, and a high-spec laptop computer usually holds round one terabyte.
“There are leaks from China’s cyber ecosystem that I’m familiar with that have sold very quickly,” Cary advised NCS. “I’m sure that there are plenty of governments globally that are interested in some of the data at the NSCC, but many of those governments that are interested also may already have the data.”
Hofer, who reviewed the pattern of the leak, stated he was in a position to contact on Telegram a one who claimed that they had carried out the hack. The attacker claimed to have gained entry to the Tianjin supercomputer via a compromised VPN area.
Once inside, the attacker advised Hofer they deployed a “botnet” — a community of automated packages that have been in a position enter the NSCC’s system and then extract, obtain and retailer the data. The extraction of 10 petabytes of data took round six months.
NCS couldn’t independently confirm the account the hacker gave to Hofer.
Cary stated the strategy was much less about technical sophistication and extra about structure.
“You can think of it as having a bunch of different servers that you have access to and you’re pulling data through this hole in the security of the NSCC — pulling some down to one server, some down to the next,” he stated.
By distributing the extraction throughout many methods concurrently, the attacker decreased the chance of triggering an alert. Somebody on the defensive facet is much less doubtless to discover small quantities of data leaving the system in contrast to massive quantities of data going to one location, Cary stated.
Cary added that the strategy, whereas efficient, was not notably distinctive.
“It wasn’t, at least my read on it, anything particularly incredible in the way that they pulled out this information,” he stated.
The alleged breach, if real, factors to a probably deeper vulnerability in China’s expertise infrastructure because it vies with the United States to be a world class expertise innovator and AI chief. Cybersecurity has lengthy been a identified weak spot throughout each the federal government and non-public sector, in accordance to Cary.
In 2021, a huge on-line database apparently containing the non-public data of up to one billion Chinese residents was left unsecured and publicly accessible for greater than a yr till an nameless consumer in a hacker discussion board supplied to sell the data and introduced it to wider consideration in 2022.
“They’ve really had poor cybersecurity for a very long time across a wide number of industries and organizations,” Cary advised NCS. “If you look at what Chinese policymakers say themselves, cybersecurity in China has not been good. They would say it’s still improving at this point in time.”
China’s personal authorities has acknowledged as a lot.
The nation’s National Security White Paper in 2025 listed constructing “robust security barriers for the network, data, and AI sectors” as a key precedence, including that “China has continued to strengthen the development of coordinated cybersecurity mechanisms, means, and platforms to ensure the security and reliability of key information infrastructure.”