Chinese-linked hackers spent more than a year inside US and Canadian research labs, quietly siphoning defense and artificial-intelligence data before they were caught, Google said Monday. The company's Threat Intelligence Group said the intruders maintained access to academic, medical and military research institutions across both countries from September 2023 until November 2025, making it one of the longest undetected cyberespionage campaigns aimed at North American science in recent years.

What the attackers were after

According to Google, the operators hunted for a specific basket of secrets: defense intelligence, military strategy in the Indo-Pacific, artificial intelligence, unmanned vehicles, cyber-warfare programs and medical research. The breadth is the point. The targeted organizations, which Google declined to name, span fields from drug discovery and clinical trials to public-health policy and military readiness, collectively employing thousands of people and commanding research budgets that run into the billions of dollars.

Google attributed the campaign to a group it tracks as UNC6508, a relatively new and little-known player rather than one of the long-established Chinese state-linked crews. Analysts say that is part of what made the operation effective: with no familiar signature to match against, the activity blended into normal network noise for months. "When you don't know a group's habits, you don't know what to look for," said a threat researcher in Cambridge, Massachusetts, who works with university security teams. "They had time to learn the environment and move at the pace of the people they were impersonating."

How they got in and stayed

The intruders relied on a familiar but durable playbook — stolen credentials and unpatched software vulnerabilities — to gain a foothold and then keep it. Once inside, they moved laterally, harvested more logins and positioned themselves to pull data over long stretches without tripping alarms. That patience, rather than any flashy zero-day, is the campaign's defining feature: a slow, methodical occupation of networks that were never built to repel a nation-state.

Research institutions are a soft target by design. Universities and labs prize open collaboration, host transient populations of students and visiting scientists, and often run a sprawl of legacy systems with thin security staffing. "A national lab has the crown jewels and the budget of a mid-size college IT department," the Cambridge researcher said. "Adversaries know exactly where that mismatch lives."

The choice of targets tracks closely with Beijing's stated technology priorities, analysts noted, from autonomous systems to next-generation pharmaceuticals — fields where stolen research can compress years of work and billions in spending into a head start. Including medical institutions in the same campaign as defense labs also fits a pattern security firms have documented for years: the line between military and civilian research is precisely where state-backed groups like to operate, because the data is valuable, the defenses are uneven, and the espionage is easy to dismiss as ordinary academic exchange until someone connects the intrusions.

A widening front

The disclosure lands amid a steady drumbeat of intrusions against American infrastructure and enterprise software. Just days earlier, a Check Point VPN zero-day drew an emergency patching mandate from CISA, underscoring how exposed the perimeter tools that guard sensitive networks have become. Where that episode was a smash-and-grab against a known flaw, the UNC6508 campaign is the opposite: a long game built on stealth.

For the labs involved, the cleanup is only beginning. Determining what was taken across two years of access is painstaking work, and the stolen material — early-stage AI research, defense planning, clinical data — could surface in foreign programs for years without an obvious trail. US and Canadian officials have not publicly confirmed which institutions were hit, and Google said it shared its findings with affected organizations and government partners before going public. The broader lesson, security specialists argue, is uncomfortable: the most damaging breaches are no longer the loud ones, but the quiet visitors who stay for a year and let themselves out before anyone notices the door was open.