Global EditionASIA 中文双语Français
China
Home / China / Society

Identities of cyberattackers who targeted Chinese university discovered

By CUI JIA | chinadaily.com.cn | Updated: 2023-09-14 17:58
Share
Share - WeChat
[Photo/IC]

The real identities of the people who launched the cyberattack against China's Northwestern Polytechnical University for the United States National Security Agency have been discovered, according to a report published on Thursday.

The university known for its programs in the fields of aeronautics, astronautics and marine technology engineering called the police after its internal servers were attacked in April 2022. It found that phishing emails with Trojan horse programs, which pretended to be research reviews, invitations to academic events and opportunities to study abroad, were sent to teachers and students at the university in an attempt to steal their data and personal information.

After analyzing data collected from the servers with cybersecurity company 360, many samples of malware SecondDate developed by the NSA have been extracted, the National Computer Virus Emergency Response Center said in the report. It's the latest evidence that the attack was carried out by the NSA.

"More importantly, we have discovered the real identities of those who launched the attacks against the university for the NSA," Du Zhenhua, a senior engineer of the center said. The center previously said that 13 people from the US have been found to be directly involved in such attacks.

The sophisticate malware allows the attackers to fully take control of the infected servers so they can steal information for a long period of time. Also, it can help to implant other cyberattack weapons for future attacks, Du said.

Some core technical data of the university was stolen in those cyberattacks. And the case has exposed the fact that the NSA has been carrying out cyber espionage activities in China for a long time, 360 said earlier.

According to a report of the center in Sept 2022, the Office of Tailored Access Operations affiliated to the NSA had launched thousands of attacks against the university via 41 tools and SecondDate is just one of them.

SecondDate is often used by TAO with other tools targeting loopholes in firewalls, routers and servers to carry out complicated spy missions. Also, it can be uses on different operation systems, he added.

In the latest report, the center has strongly advised government bodies, industry leaders, universities and research institutes to be on high alert at all times. Also, they need to be capable to handle cyberattacks backed by foreign governments.

Photo
Ceremony held to mark Martyrs' Day at Tian'anmen Square
A 75-year-long journey from what was to is
Heroes never die
Dalian nature reserve becomes a safe stopover for migrating raptors
Chongqing railway workers step up maintenance efforts for National Day
Li Brocade makes Paris fashion week debut
Latest
State Council News
Xi pays tribute to fallen heroes on Martyrs' Day
Exclusive
70 years on: Bridge of the people's will
Animation voice acting connects both sides of the Strait
'Scavenger of the sea' makes a splash with debris artwork
Newsmaker
Journey to Joy: Life through a photographer's lens
Profile: A Chinese doctor's ground-breaking battle against leukemia
Ten photos you don't wanna miss
Ten photos from across China: Sept 20 - 26
Special Coverage
75 years on
Third Plenary Session of the 20th CPC Central Committee
Top
BACK TO THE TOP
English
中文
Copyright 1995 - . All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily Information Co (CDIC). Without written authorization from CDIC, such content shall not be republished or used in any form. Note: Browsers with 1024*768 or higher resolution are suggested for this site.
License for publishing multimedia online 0108263

Registration Number: 130349
About China Daily
Advertise on Site
Contact Us
Job Offer
Expat Employment
FOLLOW US