China’s Cyberattacks Tied to U.S. Companies, Contractors and Government Systems

Hacking China concept

This article by Hanqing Chen was published by ProPublica on Aug. 27.

U.S.-China tensions have risen recently over suspicions of Chinese nationals infiltrating U.S. company computer systems. In late May, the U.S. Justice Department accused five Chinese military officers of allegedly hacking several U.S. companies, marking the first time the Obama administration has publicly accused China of cyberspying. The indictments came amid a string of U.S. security breaches tied to hackers in China. Here are some of the most notable cybersecurity breaches tied to China from the past several years.

How a Chinese National Gained Access to Arizona’s Terror Center

ProPublica and The Center for Investigative Reporting, August 2014

Lizhong Fan worked for five months at the Arizona Terrorism Center with access to sensitive information on 5 million Arizona drivers 2014 then disappeared without a trace. U.S. officials still don’t know exactly what data he took back to China. We explore how the computer engineer was allowed to work at “one of the best-run and most effective” intelligence facilities in the U.S. without the standard security vetting.

Chinese Hackers Pursue Key Data on U.S. Workers

New York Times, July 2014

Unnamed U.S. officials told The New York Times that Chinese hackers breached computer networks of the Office of Personnel Management, which manages data for federal employees in March 2014. The Times noted the attack was “particularly disturbing” because the agency oversees a system containing employees’ sensitive financial information. Four months after the attack, a spokeswoman for the Obama Administration said that no personally identifiable information had been compromised.

China’s Cyberspies Outwit Model for Bond’s Q

Bloomberg Businessweek, September 2013

Defense contractor QinetiQ, which has developed drones, satellites and software used by the U.S. military, found its research had been compromised over the course of three years by members of a Chinese military hacking unit (Businessweek has a timeline of events). “We found traces of the intruders in many of their divisions and across most of their product lines,” Christopher Day, who was hired twice by QinetiQ to investigate the intrusions. “There was virtually no place we looked where we didn’t find them.”

Chinese Army Unit Is Seen as Tied to Hacking Against U.S.

New York Times, February 2013

A Shanghai-based hacking group tied to the People’s Liberation Army in China has orchestrated more than 140 attacks on U.S. companies including Coca-Cola and Lockheed Martin, according to a 60-page study on the group by security firm Mandiant. Embassy officials denied that China’s government was involved with hacking, and an official with the Chinese Ministry of Foreign Affairs called the allegations “unprofessional.” But Rep. Mike Rogers (R-Mich.) told The Times that Mandiant’s findings were “completely consistent with the type of activity the Intelligence Committee has been seeing for some time.” The story features a graphic breakdown of the types of industries apparently targeted by the hacking collective over time.

Hackers in China Attacked The Times for Last 4 Months

New York Times, January 2013

The Times reported that Chinese hackers allegedly infiltrated their networks over four months, beginning in September 2012, setting up back doors to user computers and eventually obtaining access to usernames and passwords for every Times employee. The initial breach coincided with the newspaper’s publication of a story about the relatives of Chinese prime minister Wen Jiabao.

According to The Times, Bloomberg News computers were targeted (though not breached) under similar circumstances in 2012. After the Times report, The Wall Street Journal and The Washington Post also reported having been targeted by suspected Chinese hackers.

Chinese Hackers Hit U.S. Chamber

The Wall Street Journal, December 2011

A group of hackers in China compromised computer networks at the U.S. Chamber of Commerce, according to WSJ. Chamber officials told the newspaper “internal investigators found evidence that hackers had focused on four Chamber employees who worked on Asia policy, and that six weeks of their email had been stolen.” The “complex operation” was detected and shut down in May 2010, the newspaper reported.

Personal Liberty


is an independent, non-profit newsroom that produces investigative journalism in the public interest. The organization’s work focuses exclusively on truly important stories, stories with “moral force.” ProPublica seeks to produce journalism that shines a light on exploitation of the weak by the strong and on the failures of those with power to vindicate the trust placed in them. ProPublica is headquartered in Manhattan. Its establishment was announced in October 2007. Operations commenced in January 2008, and publishing began in June 2008.

Join the Discussion

Comment Policy: We encourage an open discussion with a wide range of viewpoints, even extreme ones, but we will not tolerate racism, profanity or slanderous comments toward the author(s) or comment participants. Make your case passionately, but civilly. Please don't stoop to name calling. We use filters for spam protection. If your comment does not appear, it is likely because it violates the above policy or contains links or language typical of spam. We reserve the right to remove comments at our discretion.