26 September 2022

The US allegedly used 41 cyber-weapons to steal China’s core technology data

Baba Tamim

China has accused the U.S. of "hacking" into a Chinese space and aviation university, "stealing" critical technical data.

The U.S. National Security Agency's (NSA) cyber-warfare unit "penetrated and controlled" unnamed telecom operators, Chinese news outlet Global Times reported on Thursday, quoting its state sources.

The sources claim that the Chinese government will soon reveal the details of the cyberattack, which actually occurred in June.

"Hackers from abroad were caught sending phishing emails with Trojan horse programs to teachers and students at the university, attempting to steal their data and personal information," Northwestern Polytechnical University, China's key public research university in Xi'an, announced on June 22.

"The attack attempted to lure teachers and students into clicking links of phishing emails with Trojan horse programs, with themes involving scientific evaluation, thesis defense, and information on foreign travel, so as to obtain their email login details," said a local police statement.

‘41 types of cyber weapons’

The NSA allegedly discovered a "legal" remote access channel to the core data network of some operators, which the U.S. intelligence agency could use to infiltrate and control the country's infrastructure.

"The cyberattack to the university was conducted by the Tailored Access Operations (TAO) (Code S32) under the Data Reconnaissance Bureau (Code S3) of the Information Department (Code S) of U.S.' NSA," claimed China's National Computer Virus Emergency Response Center.

"Aiming at Northwestern Polytechnical University, TAO used 41 types of weapons to steal the core technology data including key network equipment configuration, network management data, and core operational data," alleged the center.

The technical team found "over 1,100 attack links hidden inside the institution as well as over 90 operational instruction sequences."

The center also discovered that "TAO had infiltrated some infrastructure operators in China, created a 'legal' channel for remote access to the core data network, and attempted to control China's infrastructure," the newspaper reported.

The U.S. and China are the world's most potent cyber nations, according to experts at the Belfer Center for Science and International Affairs at Harvard's Kennedy School.

However, China continues strengthening its cyber capabilities even though the U.S. is rated first. It currently holds global leadership in critical cyber power categories.

In 2021, the U.S., E.U., NATO, the U.K., and four other nations came together to accuse Beijing of orchestrating extensive exploitation of flaws in Microsoft's widely used Exchange corporate server software. They ascribed some of the blame for the action to China's Ministry of State Security (MSS).

With the aid of an easy-to-use "web shell" tool, the campaign affected roughly 250,000 organizations worldwide. It allowed hackers from a group Microsoft has termed Hafnium to siphon off enterprise emails for espionage. Anyone with the appropriate password could hack into a compromised Exchange server.

The level of hacking emerging from China in 2021 was "a more kind of severe threat than we previously anticipated," Jamie Collier, a consultant with Mandiant, a cybersecurity firm whose work is often cited by intelligence agencies, told The Guardian.

Earlier this year, FBI Director Christopher Wray disclosed that his agency discovered a new instance of Chinese spy operations every 12 hours.

Over 2,000 open investigations examining instances of the Chinese government seeking to steal American information have been documented, according to Newsweek.

Meanwhile, the U.K.'s counter-intelligence and security agency has disclosed that over the past three years, the country had to quadruple its efforts to counter Chinese cyber operations and that it would be doing so again soon.
