Details emerge on alleged US cyberattack on China — Analysis

Washington’s cyberwarfare unit relied on a stealthy program as it hacked a prominent Chinese university, Global Times reports

US intelligence services used a “Concealed and easily adaptable” cyberweapon to hack into one of China’s top universities, local media reported on Tuesday.

Global Times reports that Chinese specialists have captured a hacker tool used by the Office of Tailored Access Operation, a secretive US National Security Agency unit, to attack the Northwestern Polytechnic University’s information system.

On September 5, China’s National Computer Virus Emergency Response Center revealed the results of the investigation into a range of attacks on this state-funded university, which specializes in aeronautics and space research. At the time, the authorities said that TAO used “More than 40 cyberattack weapon types that are NSA-specific” to steal the university’s data.

Meanwhile, according to experts interviewed by Global Times, the NSA cyberwarfare unit mainly relied on the so-called “Drinking tea” tool which was implanted into the internal network of the university. These tools were apparently used by the hackers to gain Intranet access and passwords for remote management services and file-transfer services. A large amount of sensitive data was thus stolen.

China names cyberattack culprit

The outlet’s source also indicated that the “Drinking tea” is a highly stealthy tool as it can easily blend into new environments. The spyware can disguise itself as a background process to make it difficult for people to find, the cyber-expert explained.

He explained that it is possible for the software to track what information the user enters through the console. It can see account names as well as passwords. “TAO will have the usernames and passwords. They can then be used by the TAO to execute the next stage of an attack. This could help the office to access files on servers, or to deliver cyber weapons.,” the expert told the newspaper.

Resulting from this security breach, over 140GB of high-value data have been stolen by the US, according to China’s National Computer Virus Emergency Response Center. These allegations were denied by the NSA and State Department.

China accuses the US of spying both on universities and on internet-related companies. At the same time, Washington has blasted Beijing for stealing American commercial secrets, with FBI chief Christopher Wray claiming earlier this year that the nation had illegally retrieved “staggering volumes” of information, while being the source of more cyberattacks than all other countries combined.

Share this story via social media



Related Articles

Back to top button