According to a statement from China’s National Computer Virus Emergency Response Center (CNCERT/CC), the NSA’s Office of Tailored Access Operations (TAO) sent phishing emails to teachers and students at Northwestern Polytechnical University in an attempt to steal data and personal information. As with other phishing campaigns, the goal was to trick targets into clicking malicious links that would allow the TAO to steal login details. The messages’ themes included scientific evaluation, thesis defense, and information on foreign travel. According to The Global Times, a publication owned by the Chinese communist party, a team from CNCERT/CC and 360 Security Technology Inc. analyzed trojan samples from the university’s information systems after an attack was reported in June. They traced the hacks back to the TAO.
Chinese president Xi Jinping China says the NSA was behind more than 10,000 “vicious” cyberattacks on targets within the country in recent years, collecting more than 140 GB of high-value data in the process. The US has a long history of throwing hacking accusations at China. The CISA, NSA, and FBI issued an alert in June claiming Chinese state-backed hackers are using unpatched consumer routers and network-attached storage (NAS) devices to gain access to the infrastructure of major telecommunications companies, sending their traffic to Chinese servers. In February, Federal Bureau of Investigation director Christopher Wray said China is behind more cyberattacks on the US than all other nations combined. He added that, at the time, the FBI was investigating 2,000 cases of Chinese attacks. He cited the Microsoft Exchange hack, which impacted the networks of 10,000 American companies, as an example of the damage Chinese hackers can cause the US industry.
