Chinese hackers targeted US agencies during trade talks

Researchers found Chinese hackers trying to access multiple agencies in Alaska.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
2 min read
Hacker cyber attack

Chinese hackers targeted Alaskan agencies at the height of trade negotiations, researchers said.

/ Getty Images

As Alaskan leaders headed to China to discuss trade deals, Chinese hackers were swarming their US networks, security researchers said.

Researchers from Recorded Future said they discovered Chinese hackers targeting the Alaskan state government, as well as the state's Department of Natural Resources and energy, telephone and communications companies.

The cybersecurity firm said it saw more than 1 million connections between Chinese hackers and Alaskan networks between April 6 and June 24.

These attacks happened as Alaska governor Bill Walker was promoting a trade mission to China, through which the state hoped to expand deals with its largest trading partner. The talks included a potential gas pipeline between Alaska and China, which was estimated to cost $43 billion.

Nation-state hackers have already infiltrated US power grids and millions of routers as cyberattacks give spies a new way to gather information. Unlike cybercriminal organizations, which can steal millions of dollars, state-backed hackers have the full resources of its government, and their attacks are often politically motivated.  

Watch this: Hackers take on new voting machines at Defcon

In Alaska's case, Recorded Future's researchers said, the Chinese hackers were looking to gain an advantage during the trade talks. It's unclear whether the Chinese hackers successfully breached any networks within the Alaskan agencies, but the large number of scans signal they were looking for any vulnerabilities they could use to gain access.

The researchers first noticed scanning activities from China in late March, after Walker announced the trade mission. It increased until Walker's team arrived on May 20, and then spiked again on May 28 as the team left.

"The spike in scanning activity at the conclusion of trade discussions on related topics indicates that the activity was likely an attempt to gain insight into the Alaskan perspective on the trip and strategic advantage in the post-visit negotiations," according to the report.

Another series of attacks surfaced between June 20 and June 24, this time targeting the Alaska Department of Natural Resources and the state government's networks. This happened a day after Walker announced he was meeting with US and Chinese officials over President Trump's trade war with China.

Alaskan state officials did not respond to a request for comment.

The security researchers also spotted Chinese hackers scanning for vulnerabilities with Safety NetAccess, a company that provides wireless networks for hotels, including the Hilton, Marriott and Wyndham chains. They found that Chinese state actors had accessed a login page for a Holiday Inn in Florida. Safety NetAccess did not respond to a request for comment.

The report indicated that the Chinese hackers were using computers from Tsinghua University, often called "China's MIT."

The university did not respond to a request for comment, but told Reuters that "this is baseless."

Recorded Future said it's sent its findings to the FBI.

Security:  Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.

Don't roll a 4: Defcon hacking challenge swings a sledgehammer at unlucky computers