[Well -off headline] Northwestern University of Technology was investigated by the NSA network attack event: 41 types of network attack weapons

On September 5th, the National Computer Virus Emergency treatment Center and 360 Company released a survey report on Northwestern Polytechnical University of Technology. my country's domestic network targets have implemented tens of thousands of malicious network attacks, controlled related network devices, and suspected of stealing high value data.

Western Industry Information System was attacked by the network

The source is the US National Security Agency

In April of this year, Xi'an Public Security Organs received an alarm of online attacks, and the information system of Northwestern Polytechnical University found traces of network attacks.

Song Qiang, deputy director and director of the Information Center of the Informatization Construction and Management of Northwest China University of Technology: Recently, our school has discovered the Trojan horse procedure and attempts to obtain permissions illegally, which has caused major hidden risk hazards to our school's normal work and order of life.

Xi'an Public Security Organs attach great importance to this, and immediately organized police forces and network security technology experts to set up a joint task force to investigate the case. The National Computer Virus Emergency Treatment Center and 360 Company jointly formed a technical team to participate in the technical analysis of the case throughout the process. The technical team has extracted a number of Trojan samples from multiple information systems and Internet terminals from Northwestern University of Technology, comprehensively uses domestic data resources and analysis methods, and has received the support of partners in Europe and South Asia. The overall summary, technical characteristics, attack weapons, attack paths, and attack source of related attacks were preliminarily determined that related attack activities originated from the "specific invasion action office" under the National Security Agency.

This survey also found that in recent years, the "Specific Action Office" under the National Security Agency under the National Security Agency has implemented tens of thousands of malicious network attacks on China's domestic network targets, and controlled tens of thousands of network devices, including:: Network server, Internet terminal, network switch, telephone switch, router, firewall, etc., stealing more than 140GB of high value data.

After complex technical analysis and traceability, the joint technology team restored the process of the Northwest Polytechnical University and the stealing documents. It mastered the "specific invasion action office" under the National Security Agency to implement network attacks and data on the China Information Network. Related evidence of secret stealing involves 13 people who directly launch cyber attacks in China in the United States, and the US National Security Agency signed more than 60 contracts with US telecommunications operators by covering the company to build a network attack environment. share.

At present, the joint task force has reported the results of the relevant survey to the relevant national departments.

NSA uses 41 network attack weapons to steal data

Northwestern Polytechnical University, which has been attacked, is located in Xi'an, Shaanxi. It is currently a key university engaged in aviation, aerospace, navigation engineering education and scientific research. It has a large number of national top scientific research teams and high -end talents and undertakes multiple national key scientific research projects. Police said that because Northwestern Polytechnical University has a special status and sensitive scientific research, it has become a targeted goal of this online attack.

The survey report shows that the National Security Agency continues to attack the stealing of Northwestern Polytechnical University and steal core technical data such as the school's key network equipment configuration, network management data, and operation and maintenance data. There have been 41 special network attack weapons and equipment, and only 14 different versions of the back door tool "Cunning Different Criminal Criminal" (NSA name).

Through the analysis of evidence, the technical team has accumulated a total of more than 1,100 attack links that attackers penetrated within Northwestern University of Technology, more than 90 instruction sequences of operation, and positioned multiple stolen networks from the invaded network devices. Equipment configuration files, sniffing network communication data and passwords, other types of logs and key files, and other main details related to attack activities.

"Specific Invasion Action Office"

What institution is it?

What is the institution of the "Specific Invasion Action Office" mentioned above?

It is understood that the "Specific Invasion Action Office" was established in 1998. It is currently a tactical implementation unit that specializes in the US government specializing in the implementation of large -scale network attacks on other countries. The National Security Agency set up 10 units in the centers in the United States and Europe.

The person in charge of the attack theft of Northwestern Polytechnical University was Robert Joyce. This person was born on September 13, 1967 and entered the National Security Agency in 1989. He has served as deputy director and director of the "Specific Invasion Action Office", and is currently the head of NSA network security of the National Security Agency.

Network security experts said that it is understood that the invasion office office represents the highest level of global cyber attacks. The large number of attack weapons they master are equivalent to the universal key in the Internet, which can be arbitrarily entered and out of the target equipment it wants, so as to thus Stealing intelligence or destruction.

The Ministry of Foreign Affairs responded to the Western University of Technology's network attack incident:

Ask the United States to stop the illegal behavior immediately

On September 5, a spokesman for the Ministry of Foreign Affairs Mao Ning presided over a regular press conference.

Some reporters asked questions that a few days ago, the National Computer Virus Emergency Treatment Center and 360 Company released a survey report on the Northwest Polytechnical University's network attack on the US National Security Agency, showing that the specific invasion action office of the National Security Agency has implemented the online goals of China. Tens of thousands of malicious network attacks. What are the Chinese comments on this? "The survey report you mentioned revealed another example of the US government's network attack on China," Mao Ning said, according to the technical analysis and technical analysis and technical analysis of the National Computer Virus Emergency Treatment Center and the 360 ​​Company Joint Technical Team Tracing traceability, the National Security Agency's evidence chain of China's implementation of network attacks and data theft is clear and complete, involving 13 people who directly launch cyber attacks in China in the United States, and signed with US telecommunications operators to build a network attack environment. There are more than 60 contracts and more than 170 electronic files.

Mao Ning pointed out that the report shows that the United States has successively used 41 special network attack weapons and equipment to launch thousands of attacks on Northwestern Polytechnical University and stole a number of core technical data. The United States has also carried out no different voice monitoring of mobile phone users in China for a long time, illegally stealing the text message content of mobile phone users, and a wireless positioning of it. The US acts seriously endanger China's national security and personal information security. China strongly condemned this, we asked the United States to explain and immediately stop illegal behavior.

Mao Ning emphasized that network space security is a common problem facing countries around the world. As a country with the most powerful network technology, the United States should immediately stop using its own advantages to steal and attack other countries, and participate in global network space management with a responsible attitude. To maintain a constructive role in maintaining network security.

(Well -off headlines Comprehensive CCTV News, China News Network, Beijing Daily Client)

Edit: Tian Yuan Yingying

School pair: Wang Fang

Review: Gong Zimo

- END -