A hacking group believed to be linked to the Chinese government stole passwords and documents from a Taiwanese government-affiliated research center that specializes in computing, cybersecurity researchers at Cisco Systems said Thursday.

The attackers used a kind of malicious software tool that’s almost entirely used by China-based groups, after they gained access to the unnamed research center as early as July 2023, Cisco’s Talos threat intelligence group said in a report. Based on that and other techniques, Cisco believes with "moderate confidence” that the hackers are part of a state-sponsored espionage group called APT41, which U.S. officials have linked to China’s Ministry of State Security.

The attack highlights the threat that suspected Chinese cyberattacks pose to Taiwan, the island that’s been the source of escalating tension between the U.S. and China. China claims the island as part of its territory and has vowed to bring it under control. The government in Beijing has long denied any involvement in malicious hacking.

Cyberespionage has become a powerful tool in China’s tool set as it pursues its geopolitical aims, cybersecurity experts say. Recently leaked documents indicate that China-sponsored hackers have compromised high-value geopolitical targets.

In the intrusion at the Taiwanese research center, the attackers deployed an outdated version of Microsoft’s Office product to facilitate the breach and help to hide their access, said Vitor Ventura, a Talos security researcher. The researchers haven’t determined how the group breached the research center, and they declined to say how much data was stolen during the attack, which lasted 11 days. They also declined to identify the research center by name.

Cybersecurity experts at Alphabet’s Google last year said they had observed a "massive increase” in Chinese cyberattacks on Taiwan. Meanwhile, Taiwan called on experts from the U.S. Treasury Department and American cybersecurity firms to help prepare for more aggressive cyberattacks from Beijing.

APT41, the group tied to the recent hack, is believed to be a Chengdu, China-based hacking group, and it has been accused of compromising at least six U.S. state governments and stealing tens of millions of dollars in U.S. COVID-19 relief funds. A federal grand jury in 2020 indicted alleged hackers tied to the group and accused them of targeting more than 100 victims.