Trove contains highly confidential military and aerospace test data
Hacker claims to have exfiltrated over 10 petabytes of sensitive military and research data from Tianjin’s National Supercomputing Center.
A hacker claims to have stolen more than 10 petabytes of data from the National Supercomputing Center (NSCC) in Tianjin, China.
The NSCC is a centralised hub which provides infrastructure services for approximately 6000 clients across China, including the science and defence agencies. Among the stolen data are defence documents and missile data.
An account called FlamingChina posted a sample of the alleged dataset on an anonymous Telegram channel in early February. The post claimed that the dataset included “research across various fields including aerospace engineering, military research, bioinformatics, fusion simulation and more.”
Online samples of the hacked data appear to show internal folders, login details, technical manuals and schematics linked to weapons testing and aerospace work.
Years of research potentially compromised
Cyber experts have reviewed samples of the stolen data and appear to think it is genuine. The attacker was able to mounts of the attack over a period of months, smuggling the data out slowly whilst evading detection.
Officials in China have not confirmed the breach.
Commenting on the attack, Jake Moore, Global Cybersecurity Advisor, ESET said:
“This could be absolutely huge, and it shows even top-tier, state-backed infrastructure isn’t immune to relentless attacks. Until we know how this occurred it would be difficult to assume the exact entry point and methods used. However, when a target is this lucrative and holds such a treasure trove of information, it is often assumed inevitable that it would be attacked constantly via a range of sophisticated techniques.
“Along with lots of sensitive information, the quality of the data is potentially going to contain years of R&D, which could go on to be replicated or reverse engineered elsewhere with a wide range of worrying repercussions.”
Geopolitical consequences
If the data is genuine and the hackers really did siphon out 10 petabytes of data without anyone noticing, it would be more than embarrassing for an administration for which security is paramount.
Because the stolen data apparently includes military and aerospace research such as data from fighter jets and hypersonic missile testing, it could give China’s geopolitical rivals visibility of some of China’s most covert activity.
It may also cause questions to be asked about a policy which has seen vast resources channelled into China-owned and developed supercomputing specifically to reduce dependence on technology (mainly chips) manufactured in the West – a policy which would have seemed more important in light of Trump’s changeable policy of chip export controls.