CCTV interviewed engineers from the 360 Company and the National Computer Virus Emergency Response Center, which investigated the Northwestern Polytechnical University cyber attack. An investigation by the National Computer Virus Emergency Response Center found :
According to the big data analysis of related cyber attacks, 98% of the cyber attacks against Northwestern Polytechnical University were concentrated between 21:00 Beijing time and 4:00 a.m., which corresponds to 9:00 a.m. to 16:00 a.m. Eastern time, belonging to the United States. working hours. Secondly, there was no cyber attack on Northwestern Polytechnical University on all Saturdays and Sundays in US time. Third, analyzing the unique holidays in the United States, it is found that the United States has three days off for “Memorial Day” and one day off for “Independence Day” in the United States. During these four days, the attacker did not carry out any attack and stealing operations. Fourth, we have closely tracked the attack behavior for a long time and found that during the Christmas period of the past year, all network attack activities were in a silent state. Judging from the above working hours and holiday arrangements, the hackers targeting Northwestern Polytechnical University all carried out activities in accordance with the domestic working day schedule in the United States.
The investigation also found that NSA TAO entered the operator’s network as a “legitimate” through the account and password of the Cisco PIX firewall, Tianrongxin firewall and other equipment of Chinese infrastructure operators, and then implemented intranet penetration and expansion to control related operations respectively. The service quality monitoring system and SMS gateway server of the operator, using weapons and tools such as “Magic School” specially designed for operators’ equipment, inquired a group of sensitive identities in China, and packaged and encrypted the user information and sent it back to the multi-level springboard. NSA headquarters.
This article is reprinted from: https://www.solidot.org/story?sid=72894
This site is for inclusion only, and the copyright belongs to the original author.