Global EditionASIA 中文双语Français
Home / China / Society

Cyberattack probe suggests a US source

By Zhang Xiaomin | | Updated: 2022-09-05 16:23
Share - WeChat

The Office of Tailored Access Operations, or TAO, the cyber warfare intelligence agency under the US National Security Agency, is the source of a cyberattack on the email system of Northwestern Polytechnical University in Xi'an, Shaanxi province, according to preliminary investigative conclusion released on Monday.

The report was released by China's National Computer Virus Emergency Response Center and Chinese security software giant Qihoo 360. The two jointly formed a technical team and analyzed the case.

According to the report, the team collected some Trojan samples from the university's information system and several terminals that have access to the internet.

Through existing data resources and analysis at home, and with the support of partners from some countries in Europe and South Asia, the team has restored the overall picture of the technical characteristics of the cyberweapon, path and source of the attack, the report said, delivering a preliminarily judgment that the attack originated with the TAO of the NSA.

On June 22, the university announced that there had been a cyberattack launched from overseas. Later, the police in Xi'an's Beilin district said in a statement that Trojan horse samples originating from abroad were discovered in the university's information network and that an investigation had begun.

Phishing emails containing Trojan horse programs were disguised as research reviews, invitations to academic events and opportunities to study abroad, the Beilin police said.

The emails attempted to trick students and teachers at the university, known for its education and research programs in aeronautics, astronautics and marine technology engineering, into clicking on links and giving away their sign-in information, which would result in potential data leaks.

Cui Jia contributed to this story.

Copyright 1995 - . All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily Information Co (CDIC). Without written authorization from CDIC, such content shall not be republished or used in any form. Note: Browsers with 1024*768 or higher resolution are suggested for this site.
License for publishing multimedia online 0108263

Registration Number: 130349