Staff and students received phishing emails disguised as invitations to academic events and scientific review.
China has accused the U.S.’ National Security Agency of hacking the information system of a key Chinese university that develops secret weapons for the country’s military.
Vice reports, Chinese authorities said Monday they have traced the source of recent cyberattacks on the country’s Northwestern Polytechnical University to the NSA’s Office of Tailored Access Operations, a secretive unit of the agency known for breaking into computers around the world and “getting the ungettable.”
The university works closely with the Chinese military on aeronautics and defense research and had in June reported being attacked by foreign hackers who sent staff and students phishing emails.
China has been increasingly vocal in accusing U.S. individuals or groups of carrying out cyberattacks on Chinese users and institutions, in what some analysts have called an information campaign to counter U.S. allegations of Chinese hacking.
In February, a Chinese cybersecurity firm linked the NSA to a hacking operation with targets spanning 45 countries, including China.
The Northwestern Polytechnical University in June said its staff and students received emails disguised as invitations to academic events or scientific review but were trying to steal email logins. On Monday, China’s National Computer Virus Emergency Response Center said the attack was carried out by the NSA. The center said it conducted an initial investigation with the Beijing-based internet security company 360 Security Technology Inc.
Albert Zhang, a researcher with the Australian Strategic Policy Institute, said he detected hundreds of inauthentic Chinese state-linked social media accounts sharing statements and memes blaming the NSA for the cyberattack even in the weeks leading up to the center’s announcement.
“Regardless of whether the claims are true or false, this coordination of official statements and covert activity may be part of a broader propaganda campaign to negatively portray the U.S. and show off Chinese cybersecurity capabilities,” Zhang told VICE World News.
The NSA did not immediately respond to a request for comment.
Funded and directly managed by China’s Ministry of Industry and Information Technology, the Northwestern Polytechnical University in Shaanxi province is among a number of public Chinese institutions sanctioned by Washington over its close ties with the military. The university helps with the development of military weapons, including drones, fighter jets, and spacecraft.
The alleged U.S. hacking did not result in any significant data leak, the university said in June.
Speaking at a regular press conference on Monday, Chinese foreign ministry spokesperson Mao Ning said the phishing emails targeting the university is another example of the U.S. government’s cyber attacks on China. “The US has also long carried out indiscriminate audio surveillance against Chinese cell-phone users, illegally stole text messages from them and conducted wireless positioning,” said Mao, who called on the U.S. to offer an explanation.
The case was also widely covered by Chinese media outlets and racked up more than 380 million views on Chinese social media platform Weibo by Monday evening.
The U.S. government and internet security companies have for years pointed fingers at China for a wide range of hacking operations. Beijing has repeatedly denied involvement in such campaigns.
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- Online disclosure of 5+ million Twitter users’ stolen information - 30 November 2022
- U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer - 29 November 2022
- Researchers Quietly Cracked Zeppelin Ransomware Keys - 23 November 2022