Chinese Ministry of State Security

China's Ministry of State Security (MSS) on Wednesday warned the public about growing espionage-related cyber threats targeting key government agencies, research institutes and infrastructure, disclosing three recent cyberattack cases linked to foreign intelligence agencies, highlighting significant lapses in cybersecurity awareness and data protection.

In recent years, foreign intelligence agencies have intensified cyber-based espionage efforts, posing growing threats to China's national security, the MSS said in a statement released on its official WeChat account.

The MSS detailed a case involving classified data leaks at a key state laboratory. An employee of the lab surnamed Wang, who deliberately bypassed internal approval and oversight procedures for the sake of convenience, storing more than 1,000 classified documents on his personal internet-connected computer.

One day, Wang downloaded an attachment from an unverified email, which allowed foreign espionage agents to install malware, secretly controlling his computer for three months, resulting in the theft of sensitive and classified information, according to the MSS.

Another incident involved an employee surnamed Zhang at a government agency, who received a phishing email disguised as an official planning directive.

Without any doubt, Zhang clicked on a link in the email without proper verification. The link led him to a phishing site, enabling foreign intelligence operatives to steal login credentials and access sensitive email content. As a result, confidential data from the institution was compromised, according to the MSS.

In a third case, overseas espionage agencies exploited an outdated office automation (OA) system of a research institution, which lacked regular software updates and antivirus protections. Malware was implanted, leading to the theft and illicit sale of critical institutional data, the MSS said.

Overseas intelligence agencies have sought to exploit vulnerabilities in domestic OA systems to carry out cyberattacks and steal classified information from government bodies, research institutes, key enterprises and critical infrastructure, said the MSS.

The MSS called for greater awareness and stronger preventive measures, particularly among those personnel in sensitive roles. It urged all citizens to adhere strictly to China's national secrecy regulations, which prohibit the storage or processing of classified data on unauthorized or unsecured systems.

Mishandling of emails, clicking unverified links, or installing unknown software, could provide foreign spies with direct access to critical information systems, the ministry warned.

The MSS underscored the responsibility of institutions to actively conduct counter-espionage education, staff training, and strengthen cybersecurity defenses, particularly the timely updating of antivirus software and critical information infrastructure.

Outdated or inactive cybersecurity protections could turn computers into entry points for espionage. "Cybersecurity software serves as a critical first line of defense. Once compromised, systems can be silently infiltrated and repurposed by hostile actors," it said. Operators of critical infrastructure must adopt and regularly update technical safeguards to detect, block and respond to external cyber threats.

Global Times