10 PB Data Leak from China's Supercomputer Center: Military AI Datasets at Risk
Hacker FlamingChina breached the National Supercomputing Center (NSCC) in Tianjin, extracting 10 petabytes of data over six months. Among the stolen data—AI datasets from military labs, missile system blueprints, aerospace simulations, and hypersonic weapon materials. Independent cybersecurity experts verified the authenticity of samples published in February. A CNN report drew widespread attention to the incident.
The center provides computing resources to over 6,000 Chinese organizations, including AVIC, COMAC, and the National University of Defense Technology. These resources are used for simulations, training military AI models, and compute-intensive tasks.
Hacking Technique: Simplicity and Stealth
Access was gained through a compromised VPN domain. The hacker deployed a botnet to gradually exfiltrate data in small chunks, avoiding detection system triggers. SentinelOne expert Dak Carey noted: the scheme is similar to siphoning data through a vulnerable server without triggering defenses.
The six-month operation went unnoticed. No official comments from NSCC or Chinese authorities. Coincidence: in March, names of aviation, nuclear weapons, and missile specialists disappeared from the Chinese Academy of Engineering website.
Leak Contents and Consequences
- AI datasets: Training samples from labs affiliated with the PLA for military simulations.
- Technical blueprints: Missile systems, hypersonic weapons.
- Simulations: Aerospace models from clients like AVIC and COMAC.
- Volume: 10 PB, requiring significant resources to analyze.
FlamingChina is offering the dataset for hundreds of thousands of dollars in crypto. NetAskari expert Mark Hofer believes only government agencies can effectively process such a massive dataset and extract valuable information.
Key Takeaways
- The breach exposed VPN vulnerabilities in China's critical infrastructure.
- The leak affects military AI developments and hypersonic technologies.
- The lack of response from authorities heightens suspicions about the extent of the damage.
- The gradual data exfiltration method is applicable to other data centers.
- Authenticity confirmed by SentinelOne and NetAskari experts.
The incident highlights the risks of cloud computing for defense projects: a simple VPN flaw led to the compromise of petabytes of sensitive data. For IT specialists, it's a signal to strengthen monitoring of network perimeters and access segmentation in HPC environments.
— Editorial Team
No comments yet.