What is the U.S. National Security Agency TAO, which launched a network attack on West Engineering University?

Polar News reporter Manda

According to CCTV News, on September 5, the National Computer Virus Emergency treatment Center and 360 Company released a survey report on Northwestern Polytechnical University. (TAO) Over the years, it has implemented tens of thousands of malicious network attacks on network targets in my country, controlled related network devices, and suspected of stealing high value data. Jimu Journalists sorted out and found that the TAO below the National Security Agency can be described as notorious.

NSA Headquarters (Picture Source: Mirror Weekly)

As early as 2013, the German "Mirror Weekly" exposed it. The agency was the largest department under the signal intelligence bureau of the National Security Agency to recruit a large number of hackers to break into, manipulate and use computer networks. TAO's branches are spread all over the United States. From 2003 to 2013, they invaded 258 targets of 89 countries, almost all over the world. They intercepted the call from former German Prime Minister Merkel, invaded the email account of the former President of Mexico, and monitored the email and telephone communications of PetroBras, an oil company holding a majority equity of the Brazilian government.

Tens of thousands of malicious network attacks

According to CCTV News, on June 22 this year, Northwestern Polytechnical University issued the "Public Statement" stating that the school was attacked by overseas network attacks. The Beilin Branch of the Xi'an Public Security Bureau of Shaanxi Province immediately released the Police Report, confirming that a number of samples from overseas were found in the information network of Northwestern Polytechnical University. The Xi'an police had officially filed a case for investigation.

After that, the National Computer Virus Emergency treatment Center and 360 Company jointly formed a technical team to participate in the technical analysis of the case throughout the process. The technical team has extracted a number of Trojan samples from multiple information systems and Internet terminals from Northwestern University of Technology, comprehensively uses domestic data resources and analysis methods, and has received the support of partners in Europe and South Asia. The overall summary, technical characteristics, attack weapons, attack paths, and attack source of related attacks were preliminarily determined that related attack activities originated from the Specific Action Office of the National Security Agency.

The survey found that in recent years, TAO under the United States NSA has implemented tens of thousands of malicious network attacks on China's domestic network targets, controlled tens of thousands of network devices, and stole high value data of more than 140GB.

In the network attack against Northwest University of Technology, TAO used more than 40 different NSA exclusive network attack weapons, continued to attack the stealing of Northwestern Polytechnical University, stealing core technologies such as key network equipment configuration, network management data, operation and maintenance data such as network management, operation and maintenance data of the school data.

Recruit a large number of employees in the hacker circle

What exactly is Tao? What are the disadvantages of it?

As early as 2013, Snowden exposed the U.S. "prism door" monitoring plan and unveiled the tip of the iceberg of TAO.

At that time, the German "Mirror Weekly" obtained TAO's top secret documents and exposed this infamous organization.

Tao was founded in 1997, when less than 2%of the world's population could access the Internet.

Starting from the first batch of TAO employees to move into the NSA headquarters office in Midori, Maryland, the department was placed in a separate wing building and separated from other departments of the agency. Their tasks have been clear from the beginning, that is, the way to searches for invasion of global communication traffic day and night.

Compared to other employees of NSA, Tao needs a special new type of employee. They are younger than other NSA staff, and their work is to break into, manipulate and use computer networks. They are hackers and civil servants.

In fact, NSA is recruiting new employees in the hacker circle. In recent years, former NSA director Kisi Alexander has appeared many times at major hackers in the United States. Sometimes he even wore jeans and T -shirts to shorten the distance between himself and the recruited employees.

It is reported that within the NSA, there are almost no departments as barbaric as TAO. In Hawaii's Wahi Ava, Gordonburg in Georgia, the NSA outpost in the Barkley Air Force Base near Denver, Colorado, the Mideburg headquarters in NSA, and San Antonio, Texas, all have TAO branches.

Even TAO has extended the tentacles to Germany. The agency also has a liaison in foreign countries. The liaison office is located near Frankfurt, Germany. The specific location is the European Safety Operation Center (ESOC) in a U.S. military in the outskirts of Darmchrishumhum. The courtyard.

TAO is located in the contact office of Frankfurt, Germany (Picture Source: Mirror Weekly)

The US online media "Daily beast" reported in 2017 that TAO has more than 1,000 military and cultural personnel, and is the largest department under the NSA Signal Intelligence Bureau.

I have intercepted the call from former Prime Minister of Germany

It is reported that TAO is called the highest action unit of NSA. They are like a team of channels. When the NSA's normal access to the target is prevented, they can be summoned.

"Mirror Weekly" exposed files inside NSA showed that TAO's "digital pipeliner" participated in many sensitive actions conducted by American intelligence agencies. TAO's business scope from counter -terrorism to network attacks to traditional spy activities. The tools used by TAO have also become diversified, and it uses the technical weakness of the IT industry to carry out cautious and effective attacks. The top -secret documents exposed by "Mirror Weekly" also showed that the development of TAO Texas's division was the most impressive. In 2008, the Texas Cryptics Center hired less than 60 TAO experts. By 2015, this number is expected to increase to 270. In addition, there are 85 experts in the "demand and target" department (13 in 2008). The number of software developers is expected to increase from 3 in 2008 to 38 in 2015.

The branch has attacked the goals of the Middle East, Cuba, Venezuela and Colombia, not to mention Mexico, which is only 200 kilometers away.

The document pointed out that the US Department of Homeland Security and the US intelligence agencies need to understand all information about the US -Mexico border drug trade, population trafficking and security. TAO's staff chose the system administrator and telecommunications engineer of the Mexico institutions as their goals, and called this action "WhiteTamale".

The report also said that before Merkel became the German Prime Minister, NSA listed her as the goal in 2002, by penetrating her email account, and then penetrated into the entire network and started to capture data. Electronic Space Network reported that TAO intercepted Merkel's phone and monitored it.

TAO also invaded the former President of Mexico President's email account, monitoring former Brazilian President Dilma Rosseff, and monitoring the email and telephone communication of PetroBras, a PetroBras, which the Brazilian government held by the Brazilian government.

Illegal invasion of company networks and submarine optical cables

The report also said that TAO can invade equipment including servers, workstations, firewalls, routers, mobile phones, telephone switches, SCADA systems, etc. Among them, SCADA is an industrial control system for factories and power plants. Anyone who can control these systems may destroy some of the key infrastructure of a country.

The most infamous attack is that the use of computer worms named STUXNET to manipulate the SCADA control technology used by the Iranian Natanz uranium concentrated facilities, resulting in up to 1,000 unstoppable ingenuity.

Earlier, the TAO agent also used the same method used by cyber criminals to guide the user to the link to the website of the virus infected by the attack email disguised as a spam. Later, TAO upgraded the tool and used a complex toolbox called "Quantumtheory" inside to improve the success rate of attack.

TAO includes the targets of Facebook, Yahoo, Twitter, and oil pipes. They obtained the static IP address for users of Yahoo and Facebook platforms, and also taught the technology to the British Intelligence Agency Government Communications Headquarters. The headquarters used this method to attack some computers from Belgacom employees controlled by the government in order The computer further penetrates into the company's network. At the same time, NSA uses the same technique to a senior member of the Organization of the Organization of the Petroleum Exporting Countries (OPEC) in Vienna headquarters. In this way, these tools can be used to access valuable economic data without hindrance.

TAO's spy behavior is not only for specific individuals, but even the entire network and network suppliers, such as optical fiber cables that convey global Internet traffic.

A document marked with "unique secrets" and "not suitable for foreigners" describes NSA's monitoring of the "SEA-ME-WE-4" cable system. This huge underwater cable connects Europe to North Africa and Gulf countries, and then continues to pass through Pakistan and India, extending to Malaysia and Thailand. The cable system originated from southern France and close to Marseille.

The document announced that on February 13, 2013, TAO "successfully collected network management information of the SEA-ME-WE submarine cable system".

- END -