China has accused the United States of America of launching cyber-attacks on Northwestern Polytechnical University, stated a report by the National Computer Virus Emergency Response Centre (NCVERC). The allegations were made against the Office of Tailored Access Operations (TAO), the intelligence gathering unit of the United States National Security Agency (NSA).
As per reports, TAO employed nearly 40 NSA-specific cyber-attack weapons to access sensitive data from the Northwestern Polytechnical University in China, which deals with aeronautical and military research.
The breach
The findings were first reported earlier this June via a public statement issued by the Chinese university. The statement stated that several trojan samples traced from abroad were found in its multiple information systems and internal terminals by the technical team investigating the breach.
“The overall overview, technical characteristics, attack weapons, attack paths and attack sources of the relevant attack events are preliminarily determined, and it is preliminarily determined that the relevant attack activities originated from the Office of Tailored Access Operation,” read the statement.
China also accused the US of controlling tens of thousands of network devices, including network servers, internet terminals, network switches and telephone switches which led them to extract over 140GB of data with the help of 13 people who launched the cyber-attack on Chinese networks.
Tracing the cyber-attack
As per the report, 54 springboards were used with proxy servers found in 17 countries, including Poland, Sweden, and Japan. Anonymity protection services were employed to hide the source of the cyber-attack. The network resources used involved five proxy servers.
The IP addresses:
- 59.36.*,
- 165.54.*,
- 195.240.*
- 118.143.
The crypto centers detected in the attack:
- NSA headquarters in Fort Meade, Maryland
- NSA Hawaii Crypto Center, Oahu, Hawaii
- NSA Crypto Center Georgia, Fort Gordon, Georgia
- NSA Crypto Center of Texas in San Antonio, Texas
- NSA Colorado Crypto Center, Colorado
- NSA European Crypto Center, Germany
Suspicious history of Northwestern Polytechnical University
The US Department of Justice (DoJ), on April 28, 2021, released a notice that a Chinese national was involved and found guilty of illegally gaining and exporting US-origin goods worth $100,000. The goods were shipped to Northwestern Polytechnical University (NWPU).
The notice further read, “NWPU has been involved in developing uncrewed aerial vehicles, autonomous underwater vehicles and missile proliferation projects. Since 2001, the U.S. Department of Commerce (DOC) has designated NWPU on its Entity List for national security reasons.” As per reports, the case was prosecuted with the input of the Justice Department’s National Security Division and the National Security Unit (NSA).
