• World CyberCon India
Firewall Daily Hacks Main Story

China Blames US of Hacking Military Research University

The National Computer Virus Emergency Response Centre disclosed its findings, blaming the Office of Tailored Access Operations (TAO) for the attacks.

China Blames US of Hacking Military Research University
  • PublishedSeptember 14, 2022

China has accused the United States of America of launching cyber-attacks on Northwestern Polytechnical University, stated a report by the National Computer Virus Emergency Response Centre (NCVERC). The allegations were made against the Office of Tailored Access Operations (TAO), the intelligence gathering unit of the United States National Security Agency (NSA).

As per reports, TAO employed nearly 40 NSA-specific cyber-attack weapons to access sensitive data from the Northwestern Polytechnical University in China, which deals with aeronautical and military research.

The breach

The findings were first reported earlier this June via a public statement issued by the Chinese university. The statement stated that several trojan samples traced from abroad were found in its multiple information systems and internal terminals by the technical team investigating the breach.

“The overall overview, technical characteristics, attack weapons, attack paths and attack sources of the relevant attack events are preliminarily determined, and it is preliminarily determined that the relevant attack activities originated from the Office of Tailored Access Operation,” read the statement.

China also accused the US of controlling tens of thousands of network devices, including network servers, internet terminals, network switches and telephone switches which led them to extract over 140GB of data with the help of 13 people who launched the cyber-attack on Chinese networks.

Tracing the cyber-attack

As per the report, 54 springboards were used with proxy servers found in 17 countries, including Poland, Sweden, and Japan. Anonymity protection services were employed to hide the source of the cyber-attack. The network resources used involved five proxy servers.

The IP addresses:

  • 59.36.*,
  • 165.54.*,
  • 195.240.*
  • 118.143.

The crypto centers detected in the attack:

  • NSA headquarters in Fort Meade, Maryland
  • NSA Hawaii Crypto Center, Oahu, Hawaii
  • NSA Crypto Center Georgia, Fort Gordon, Georgia
  • NSA Crypto Center of Texas in San Antonio, Texas
  • NSA Colorado Crypto Center, Colorado
  • NSA European Crypto Center, Germany

Suspicious history of Northwestern Polytechnical University

The US Department of Justice (DoJ), on April 28, 2021, released a notice that a Chinese national was involved and found guilty of illegally gaining and exporting US-origin goods worth $100,000. The goods were shipped to Northwestern Polytechnical University (NWPU).

The notice further read, “NWPU has been involved in developing uncrewed aerial vehicles, autonomous underwater vehicles and missile proliferation projects. Since 2001, the U.S. Department of Commerce (DOC) has designated NWPU on its Entity List for national security reasons.” As per reports, the case was prosecuted with the input of the Justice Department’s National Security Division and the National Security Unit (NSA).

Written By

The Cyber Express is a publication that aims to provide the latest news and analysis about the information security industry. The news comes from a variety of sources and is updated regularly so that readers can stay up to date with the latest happenings in this rapidly growing field.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.