CHINAGLOBAL EDITION
HOME
NEWS
FOCUS
OPINION
GBA
VIDEO
Visual News
ADVANCED
Published: 11:15, September 27, 2022 | Updated: 11:51, September 27, 2022
China discloses more evidence of cyberattacks by US agency
By Xinhua

A sign for the National Security Agency (NSA), US Cyber Command and Central Security Service is seen near the visitor's entrance to the headquarters of the National Security Agency (NSA) in Fort Meade, Maryland, Feb 14, 2018. (SAUL LOEB / AFP)

BEIJING - China on Tuesday released a new investigation report in which it said further evidence has been found to show the US National Security Agency (NSA) is behind "thousands of cyber attacks" on a Chinese university.

Chinese experts have found that the attacks against China's Northwestern Polytechnical University originated from the US National Security Agency-affiliated Office of Tailored Access Operation (TAO), which had exposed its own technical loopholes and operational missteps during the attack, according to the report published by China's National Computer Virus Emergency Response Center in collaboration with internet security company 360

With the technical support from a number of European and Southeast Asian countries, Chinese experts were able to retrace the technical features, attack weapons and paths used in the cyber attack against China's Northwestern Polytechnical University, according to the report published by China's National Computer Virus Emergency Response Center in collaboration with internet security company 360.

They have found that those attacks originated from the NSA-affiliated Office of Tailored Access Operation (TAO), which had exposed its own technical loopholes and operational missteps during the attack, the report showed.

Earlier probe has found that 41 types of cyber weapons were used by TAO in the recently exposed cyber attacks against the university.

Among the 41 types of cyber attack tools, 16 are identical to the TAO's weapons that have been exposed by hacker group "Shadow Brokers," and 23 share a 97 percent genetic similarity with those deployed by TAO, according to the report.

ALSO READ: Cyberattacks on Chinese university condemned

The remaining two types need to be used in conjunction with other cyber attack weapons of TAO, the report added, adding that the homology of the weapons suggests they all belong to TAO.

Technical analysis found that the cyber attackers' working time, language and behavior habits, and operation miss have also exposed their links with TAO.

The report detailed the process of TAO's infiltration into the Chinese university's internal network. TAO first used "FoxAcid," a man-in-the-middle attack platform, to hack into the university's internal host computer and servers, and then gained control over several key servers with remote control weapons. It then controlled some important network node equipment including the university's internal routers and switches, and stole authentication data.

Hiding in the university's operation and maintenance servers, TAO stole several key configuration files of network equipment, which were used to "validly" monitor a batch of network equipment and internet users.

The Chinese investigation team found that TAO captured personal information of some people with sensitive identity on the Chinese mainland. The information was sent back to headquarters of the NSA via multiple jump servers.

READ MORE: Cyberattack on Xi'an university traced to NSA in US

The report showed the true identities of 13 attackers have been found out.

The report, revealing details of the US cyber attacks against the Chinese university, was released to offer lessons to countries across the world so that they can more effectively identify and prevent cyber attacks by TAO.

TOP
VISUAL NEWS
ALSO READ
More
Top Chinese diplomat to visit Indonesia, Cambodia and Papua New Guinea
Xishuangbanna hosts water-splashing festival, ushering in year of prosperity
China urges restraint in Red Sea, calls for end to attacks on shipping
Xi puts forth four principles to resolve Ukraine crisis
China supports IAEA’s efforts to enhance nuclear safety in Ukraine amid ongoing crisis
China's top legislature schedules upcoming standing committee session
Top Chinese, Iranian diplomats discuss Israel-Iran tensions
Nations pledge trade link amid headwinds
NEWS
Hong Kong
Nation
Asia
World
Business
Sports
FOCUS
Life & Art
In-depth China
Quirky
Photo
Graphics
Data
Culture HK
Global Weekly
Eye on Asia
OPINION
Editorials
Columns
Grenville Cross
Tu Haiming
Richard Cullen
Lau Siu-kai
Tony Kwok
Ho Lok-sang
Quentin Parker
Henry Ho
Xiao Ping
GBA
GBA Guide
GBA Life
GBA in Figures
GBA Pulse
VIDEO
Girl City
Drone and Phone
Asia Featured
China Daily DOCS
Tech Asia
Hong Kong Enquirer
Visual News
Readable News
The Gold
Beats of Taiwan
90 Sec Doc
CDHK In-Depth
Youth from Hong Kong and Macao
Peak Talk
ePaper
Hong Kong Edition
Global Weekly
More
Roundtable
Campus News Awards
Newsletter
Lifestyle Premium
Follow Us
CHINAGLOBAL EDITION
Copyright 1995 - 2023. All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily. Without written authorization from China Daily, such content shall not be republished or used in any form.