Chinese Academy of Engineering

The Chinese Academy of Engineering is the national academy of the People's Republic of China for engineering, operating under the State Council. Its core mission is to advance engineering science and technology, provide high-level consultancy and strategic advice to the nation on major engineering and technological issues, and promote the development of the engineering field. The academy's work encompasses a broad range of engineering disciplines, contributing to national strategic planning, major construction projects, and technological innovation. It functions as a prestigious academic institution, electing members known as academicians based on their outstanding achievements. The CAE also engages in fostering international engineering cooperation and exchanges, supporting the application of advanced technologies to benefit China's economic and social development. Its activities are central to China's long-term science and technology strategy, bridging academic research with industrial and governmental needs. The organization's authoritative status is derived from its role as a collective of leading engineering experts who advise on national priorities. It operates from its headquarters in Beijing, serving as a key pillar in the country's national innovation system. The academy's influence extends through its various divisions and affiliated institutions that address critical sectors such as information technology, energy, manufacturing, and environmental engineering.

A documented cybersecurity incident involving the organization occurred on February 25, 2015, when it was targeted by a cyberattack utilizing the Poison Ivy remote access tool. This attack was attributed to a threat group with a documented history of conducting espionage campaigns against Chinese entities. The incident underscores the persistent threat of cyber-espionage directed at institutions holding sensitive research and strategic technical information. Such attacks highlight the cybersecurity vulnerabilities faced by prominent academic and research bodies that are involved in nationally significant engineering and scientific domains. The event is noted as a specific case of malicious cyber activity against the academy, reflecting broader patterns of intellectual property theft and surveillance targeting China's scientific community. This breach serves as a reference point for understanding the operational risks to high-value research organizations within the country's critical infrastructure landscape. The attack method, Poison Ivy, is a well-known tool frequently employed in targeted campaigns for data exfiltration and system compromise. The incident is part of the public record of cyber threats against the organization, illustrating the ongoing challenge of protecting advanced research from sophisticated adversaries.