The National Security Agency did!Internet attack at the source of Chinese universities

Author:Hunan Daily Time:2022.09.05

Today (5th), the National Computer Virus Emergency Treatment Center and 360 Company released a survey report on Northwestern Polytechnical University suffering from overseas network attacks. Come to implement tens of thousands of malicious network attacks on the domestic network targets, control relevant network devices, and suspected high value data.

In April of this year, Xi'an Public Security Organs received an alarm of online attacks, and the information system of Northwestern Polytechnical University found traces of network attacks.

Song Qiang, deputy director and director of the Information Center of the Informatization Construction and Management of Northwest China University of Technology: Recently, our school has discovered the Trojan horse procedure and attempts to obtain permissions illegally, which has caused major hidden risk hazards to our school's normal work and order of life. Our school attaches great importance to network security work and has called the police.

Xi'an Public Security Organs attach great importance to this, and immediately organized police forces and network security technology experts to set up a joint task force to investigate the case. The National Computer Virus Emergency Treatment Center and 360 Company jointly formed a technical team to participate in the technical analysis of the case throughout the process. The technical team has extracted a number of Trojan samples from multiple information systems and Internet terminals from Northwestern University of Technology, comprehensively uses domestic data resources and analysis methods, and has received the support of partners in Europe and South Asia. The overall summary, technical characteristics, attack weapons, attack paths, and attack source of related attack events, and the initially determined that related attack activities originated from the National Security Agency (NSA) "specific invasion action office" (Office of Tailored Access Operation (TAO) (TAO) Essence

This survey also found that in recent years, the National Security Agency (NSA) under the Specific Invasion Action Office (TAO) has implemented tens of thousands of malicious network attacks on China's domestic network targets, and controlled tens of thousands of network devices , Including: network server, Internet terminal, network switch, telephone switch, router, firewall, etc., stealing more than 140GB of high value data.

After complex technical analysis and traceability, the joint technical team restored the process of being attacked and stolen by the Northwestern Polytechnical University. Related evidence of network attacks and data theft involves 13 people who directly launch cyber attacks in China in the United States, and the National Security Agency (NSA) by covering the company's contract with the US telecommunications operator 60 with the US telecommunications operators. More than 170 e -files.

Jin Qi, deputy director of the Beilin Branch of the Xi'an Public Security Bureau: At present, the joint project has reported the results of the relevant investigation to the relevant national departments.