Cyberspace is increasingly becoming a keenly contested area between China and the US. The US state department recently accused Chinese hackers of breaching senior US diplomatsā email accounts.
China says it uncovered NSA operatives behind university cyberattack
- āSecond Dateā software used in Northwestern Polytechnical University attack is potent cyber espionage tool developed by US agency, says state media
- After global tracing, Chinese team reportedly found āthousands of network devicesā across the country still infected by the spyware and its derivatives
State-run CCTV said on Thursday that Chinaās National Computer Virus Emergency Response Centre, with help from Chinese antivirus company 360 Total Security, had discovered the identity of the National Security Agency (NSA) operative or operatives ā the broadcaster did not specify how many or name them ā after it extracted āmultiple samplesā of a spyware called āSecond Dateā.
It said the spyware was used in the cyberattack on Northwestern Polytechnical University in Shaanxi province.
The report said technical analysis showed that Second Date was a cyberespionage weapon developed by the NSA to sniff out and hijack network traffic and insert malicious codes.
Quoting senior engineer at the National Computer Virus Emergency Response Centre Du Zhenhua, it said software was a potent cyberespionage tool that enabled attackers to take control of target network devices and the data traffic flowing through them, and use them as a āforward baseā for the next stage of attacks. It could run on various operating systems and was compatible with multiple architectures.
Du was quoted as saying the spyware was usually used in conjunction with various network device vulnerability attack tools from the NSAās Office of Tailored Access Operations (TAO). The TAO, now renamed Computer Network Operations, is a cyberwarfare intelligence-gathering unit.
ā[We] will have ādigital spiesā reveal their true colours and have nowhere to hide!ā the commentary said.
Without naming a specific country or agency, it said ādozens of intelligence agencies from different countries and regionsā had carried out cyberattacks in China via specific agencies and ācover companiesā. Besides directly carrying out cyberattacks, foreign spies also lured Chinese companies via outsourcing arrangements, paying for data and system loopholes, it said.
The commentary said these cyberattack targets extended beyond government agencies, with foreign spies and intelligence agencies aiming for āour critical information infrastructure and major infrastructure network systems and ā¦ our universities, scientific research institutions, large enterprises, hi-tech companies and other institutions as well as corporate executives, experts and scholarsā.
Pentagon says cyberattacks are part of Chinaās armory for conflict with US14 Sep 2023
___________________________________________________________________________________
Beijing says it uncovered US National Security Agency operatives behind cyberattack on Chinese university | South China Morning Post
_
Comments