Cyber Incident Victim: National Association of Manufacturers
Date:
Nov 2019
Location:
United States of America
Summary
Suspected Chinese hackers breached the National Association of Manufacturers during heightened U.S.-China trade negotiations, with a cybersecurity firm attributing the intrusion to China based on tools and techniques linked to known Chinese hacking groups. The organization detected suspicious activity on its internal network, engaged external experts to contain the breach, and stated its systems were subsequently secured, though the specific data compromised remains unclear. The incident coincided with meetings between the group's leadership and U.S. officials, reflecting broader concerns about cyber-espionage targeting industry associations to gain insights into trade policy positions. Chinese authorities denied the allegations, dismissing them as fabricated and politically motivated.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In summer 2019, during heightened U.S.-China trade negotiations, suspected Chinese hackers breached the internal computer network of the National Association of Manufacturers (NAM), a prominent U.S. industry group influential in shaping Trump administration trade policies. The intrusion occurred shortly before formal negotiations between U.S. and Chinese officials regarding potential trade deal terms. Cybersecurity investigators hired by NAM attributed the attack to China based on analysis of tools and techniques consistent with known Chinese hacking groups. The hackers intensified efforts to steal information around the time of a meeting between NAM President Jay Timmons and President Donald Trump. While the specific data compromised remains unclear, the breach targeted NAM's systems during a period when the organization actively supported U.S. trade policy initiatives, including public events promoting the United States-Mexico-Canada Agreement. NAM detected suspicious activity on its network and engaged an external cybersecurity firm to investigate, contain the breach, and secure affected systems.
The incident reflects broader patterns of suspected Chinese cyber operations against U.S. industry trade organizations during the Trump administration, with cybersecurity experts noting Beijing's interest in gathering intelligence on American policy positions. NAM spokesperson Erin Streeter acknowledged the organization's status as a high-profile cyberattack target but confirmed network security had been restored following remediation efforts. Chinese Foreign Ministry spokesman Geng Shuang denied involvement, characterizing the accusations as fabricated and politically motivated. The breach occurred amid multiple U.S. Justice Department indictments of alleged Chinese operatives for corporate espionage in 2019, while leaked documents revealed U.S. intelligence agencies had also conducted cyber espionage against foreign trade officials. NAM maintained its public advocacy role throughout the incident, continuing to coordinate manufacturing-focused events with administration officials like Vice President Mike Pence.