According to a New York Times report citing cybersecurity experts, state-affiliated Chinese hackers have been targeting Russian government entities since May 2022 to acquire classified military intelligence. These cyber operations persisted despite public declarations of bilateral cooperation between Presidents Xi Jinping and Vladimir Putin.
The newspaper documented multiple incidents, including a 2023 case where a group called Sanyo impersonated a Russian engineering firm to steal nuclear submarine data. Taiwanese cybersecurity company TeamT5 uncovered this breach.
"Beijing appears to be collecting intelligence on Moscow's military operations in Ukraine, defense advancements, and strategic geopolitical moves," TeamT5 analysts explained to the Times.
Among the most aggressive hacking collectives mentioned is Mustang Panda, which reportedly broadened its targets to include Russian and European government institutions following Russia's full-scale invasion of Ukraine.
The report notes uncertainty about the effectiveness of these cyber intrusions. Security analysts interviewed by the Times speculate China may be using these operations to analyze contemporary warfare strategies and Western armaments' performance, given the nation's lack of recent battlefield experience.