Chinese Hackers Spied on Isolated Network for a Decade via Authentication Flaw

Photo: BleepingComputer
Quick answer
Chinese hackers breached a company’s authentication system and spied on its isolated network for a decade, gaining access to administrative data.
A Chinese hacking group carried out one of the longest cyberattacks in history by gaining control of a target organization’s authentication system. The attackers exploited vulnerabilities in the infrastructure to deploy backdoors, allowing them to remain undetected in the isolated network for a decade.
The attack was highly stealthy: hackers disguised their activity as legitimate administrative processes, making threat detection difficult. They had full access to administrators’ data and actions, enabling them to collect confidential information without risk of exposure.
Cybersecurity experts note that such attacks require deep preparation and resources, suggesting involvement of state-sponsored or well-funded groups. Organizations are advised to strengthen authentication systems, implement multi-factor verification, and conduct regular security audits.
Special attention should be given to monitoring unusual activity in networks, even those considered isolated. The prolonged presence of attackers in the infrastructure underscores the need for a comprehensive cybersecurity approach, including employee training and software updates.
Common questions
- How did the hackers remain undetected for so long?
- The attackers embedded themselves in the authentication system, masking their activity as legitimate administrative actions. The isolated nature of the network also made detection difficult.
- What security measures can prevent such attacks?
- Key measures include multi-factor authentication, regular security audits, network segmentation, and monitoring for unusual activity. Keeping software updated and training employees on cybersecurity best practices are also critical.
- Which organizations are most at risk for such attacks?
- High-risk targets include companies with valuable data, government agencies, financial institutions, and tech organizations. Highly isolated networks may receive less security oversight, which increases their exposure.