China Accuses the NSA of Hacking a Top University To Steal Data (gizmodo.com)
hackingbear shares a report from Gizmodo: China claims that America's National Security Agency used sophisticated cyber tools to hack into an elite research university on Chinese soil. The attack allegedly targeted the Northwestern Polytechnical University in Xi'an (not to be confused with a California school of the same name), which is highly ranked in the global university index for its science and engineering programs. The U.S. Justice Department has referred to the school as a "Chinese military university that is heavily involved in military research and works closely with the People's Liberation Army," painting it as a reasonable target for digital infiltration from an American perspective.
China's National Computer Virus Emergency Response Center (CVERC) recently published a report attributing the hack to the Tailored Access Operations group (TAO) -- an elite team of NSA hackers which first became publicly known via the Snowden Leaks back in 2013 and helps the U.S. government break into networks all over the world for the purposes of intelligence gathering and data collection. [CVERC identified 41 TAO tools involved in the case.] One such tool, dubbed 'Suctionchar,' is said to have helped infiltrate the school's network by stealing account credentials from remote management and file transfer applications to hijack logins on targeted servers. The report also mentions the exploitation of Bvp47, a backdoor in Linux that has been used in previous hacking missions by the Equation Group -- another elite NSA hacking team. According to CVERC, traces of Suctionchar have been found in many other Chinese networks besides Northwestern's, and the agency has accused the NSA of launching more than 10,000 cyberattacks on China over the past several years.
On Sunday, the allegations against the NSA were escalated to a diplomatic complaint. Yang Tao, the director-general of American affairs at China's Ministry of Foreign Affairs, published a statement affirming the CVERC report and claiming that the NSA had "seriously violated the technical secrets of relevant Chinese institutions and seriously endangered the security of China's critical infrastructure, institutions and personal information, and must be stopped immediately."
Good. (Score:5, Insightful)
EOM
Not hard to read between those lines. (Score:5, Insightful)
Lines? What lines? (Score:3, Insightful)
This is so full of meaningless scare-words there's not even any jargon to make a hash of the message you have to retrieve from reading between the lines.
Only thing I can tell: If the NSA is really involved they fscked up for getting made. But it's just as likely the Chinese just cooked up a "report" with a lot of fingerpointing to terms taken (possibly at random) from the Snowden leaks. They may have had a reason to write the report, but again I can't tell if that's because someone was in their networks (t
Re:Lines? What lines? (Score:4, Insightful)
They referenced a Vault 7 tool (Suctionchar) which would be a CIA tool rather than NSA. If that's indeed what they found, then I think it would have been planted by a mole, which is apparently the intended means of distribution of those tools. I'd say to check if somebody at the university has disappeared recently and nobody knows why, but I suspect that happens often. Though that is a bit dubious since the tool has already been leaked to the public, and I suspect whatever form it exists in now bears little to no resemblance to what was in the Vault 7 leak.
Re: (Score:2, Funny)
Right because the NSA would never be involved in hacking...
The pure stupidity of your post.
Re: (Score:2)
The pure stupidity of your post.
moderated "+5 Insightful" in purest /. mob tradition ... X'D
Re: (Score:2, Insightful)
Re: (Score:3)
Re: (Score:3, Informative)
Did you expect the NSA to admit to it?
Re: (Score:3)
Re: (Score:2, Insightful)
Expecting the CCP to lie is just as bad as expecting them to tell the truth. All they need to do to manipulate you is to say the opposite to what they want you to believe.
Re: (Score:2)
Re: (Score:2)
I actually expect the US to conduct a lot more cyber espionage than whatever has been in the news (like this supposed incident). So either most of the US cyber espionage attempts are not being detected, or those which are detected are not linked directly to the US government.
I expect US espionage attempts will not involve encrypting the data and asking for payment to unlock, unless that's part of how they disguise their attacks, so make it similar to just a random criminal online attack.
Whatever it is, I expe
Re: (Score:2)
Re: (Score:2)
Re: Not hard to read between those lines. (Score:1)
Now if they were only inclined to give regular student and work visas so they could accuse the US of walking in stealing secrets and walking out....democracy is about parity.
Re: (Score:2)
For whatsoever a man soweth, that shall he also reap.
Re: (Score:2)
Re: (Score:2)
Re:Did they get anything valuable? (Score:5, Insightful)
Not sure why the source of prolific hacking are publicising this.
Pretty easy to understand why. China has been accused of hacking everyone, and now it has a chance to portray itself as the victim, and maybe even to imply that China's attacks are retaliatory.
In the future, they're going to suggest that hacking coming from China is actually the NSA spoofing attacks from China.
They don't have to convince the US or its allies. They just have to sow enough doubt among those countries that feel maligned by the US and allies to make it easier to strike deals with.
Re: (Score:2)
Crying wolf doesn't really work when you're the wolf.
Re: (Score:2)
They don't have to convince the US or its allies. They just have to sow enough doubt among those countries that feel maligned by the US and allies to make it easier to strike deals with.
Re: (Score:2)
I presume China isn't only hacking the US constantly, so these other countries will probably know better than to worry about Chinese PR.
Re: (Score:2)
Re: (Score:2)
It doesn't matter to other countries what China thinks is reasonable, except other countries that China is expanding into like Tibet.
reminds of mad magazine cartoon (Score:2)
Stolen: meal plan and meal history (Score:4, Funny)
The NSA got away with a heap o' treasure: the meal plan information for thousands of students as well as their entire meal history.
The NSA will most likely use that to subvert the students by sending them free vouchers for Panda Express...which will cause mass confusion because Panda Express doesn't exist in China.
Re: (Score:1)
After the meal plan at my university became optional, my meal history was largely defined by vending machines. Presumably the NSA hacked those as well? We certainly did.
Re: (Score:3)
Oh yeah, they've been on this for [ibm.com] decades now...
Nice (Score:2)
USA! USA!
this ... (Score:2)
... is going to be fun!
This is unusual (Score:3, Funny)
For once I believe China, it's good to see the NSA can spy on things other than its own people and closest allies.
Pot meet kettle (Score:2)
Even being non-American, I would be so happy if the hypersonic missiles USA is testing were... inspired from China's ones.
stop doing what i'm doing! (Score:5, Insightful)
Re: (Score:2)
So why have the only concerted cyber attacks on the HPC facility at a UK university that I look after come from Russia and China? Not seeing anything coming from the USA?
We blocked all registered Russian IP addresses at the firewall back in February along with Belorussian, Ukrainian (because who knows what is what in a war zone) and for good measure North Korea.
Re: stop doing what i'm doing! (Score:2)
And as long as no foreigner understands how VPNs work, that is an excellent measure. It will keep the script kiddies out, at least. Advanced Persistent Threats? Not a chance.
Re: (Score:2)
c2 hosts
Re: (Score:2)
Re: (Score:2, Informative)
It's what every country does. If they catch a foreign agency spying on them and have evidence, they put out a statement to try to embarrass them.
It goes back much further than hacking, to Cold War era spies. Because they could catch spies they put them on trial, but of course with hacking there is usually nothing they can do to prosecute the perpetrators. Except put them on a naughty list somewhere, of course.
Re: (Score:2)
Every country with the capability to do so is engaging in cyber espionage. But the hypocrisy from China in this regard is quite remarkable, as they are a known source of cyber attacks on all countries of interest. It's like Russia complaining that the Ukrainians are shooting back.
But that's kind of the point, to make the US look like hypocrites as well.
Which is slightly true, the US does engage in cyber warfare, but more for intel and security reasons while Chinese hacking is largely trying to steal IP.
But even if it's a misleading complaint the more they manage to muddy the waters the more people will defend them.
Re: (Score:3)
You are assuming what the reasons are. The US has definitely snooped on European countries for commercial advantage. I've no idea how frequently, but it's happened.
About time the NSA does their job! (Score:4, Insightful)
Re: (Score:2)
About time the NSA does their job!
The NSA is doing their job. The reason you don't read about country XYZ accusing them of hacking them is because their efforts are rarely detected.
It's all about China's internal politics (Score:2, Troll)
The Chinese Communist Party (CCP) is having a horrible time right now. Their Covid-19 policies are wreaking havoc with the economy and destroying people's lives. They are having a heatwave, drought and power outages interspersed with flooding. Huge numbers of people are out of work. The real estate sector, which accounts for 30% of the GNP, is collapsing. There are food shortages.
So what better time then to scream
I think people are missing something here (Score:3)
Sure, it wouldn't be surprising if the NSA did this, given the school's affiliations. But the reason for the timing and the particular messaging is because of the upcoming Communist Party conference next month, when Xi will likely be given a third term in office. China (or, specifically, Xi's allies) have been taking steps to make him look like a strong decisive leader ahead of that.
Re: (Score:2)
I was always under the impression that the NSA's forte was signals gathering and data analysis, sticking something on somebody's gear is probably in the realm of some small company in some friendly country working at the behest of black bags of money charged off to some CIA account, um... something like that
Or that is the trope I would believe over this story
KRUK (Score:1)
Kinda like (Score:2)
Boo Fucking Hoo (Score:1)
After everything they've done around the world? Boo fucking hoo. They're lucky some dumb cunts in the west are still stupid enough to trade with them.
Re: (Score:2)
Re: (Score:3)
China hasn't claimed Mongolia. China hasn't claimed Korea. China hasn't claimed Okinawa. China hasn't claimed North Vietnam.
It's as if China has only ever claimed, what the Taiwanese also claim, were the territory of the Qing empire at the end. Remember, both the PRC and the ROC claim those Qing territories. Since you're so knowledgeable, why do
Re: (Score:2)
Other than the nine-dash line claims, which I think we can all agree is absurd, exactly what territories have they claimed that do not have a historical basis?
Who cares? Who was where when doesn't really matter. Everything is a judgement call. We decide who we want where and then we make up justifications for it.
Re: (Score:2)
Re: (Score:2)
when you start your comment off with "other than..." it cheapens the fuck out of it
Say hello to Tibet if you can find a Tibetan
Re: (Score:2)
What have they done around the world?
Hacking, spying, bullying, propagandising, and economic imperialism to name but a few of their activities.
So, nothing that we didn't do 'first', and, other than perhaps the imperialism, nothing we're not still doing (with varying degrees of success - and I suspect that this is what's so incensed the GP).
Re: (Score:2)
As you say, every other country does those things as a matter of course. So why is China singled out as especially deserving of revenge, while other countries are not?
And "economic imperialism" is bullshit. Nothing comes close to the economic imperialism of the West of actually taking over other countries and stealing resources.
Re: (Score:2)
And "economic imperialism" is bullshit.
It's really not. There are numerous instances of China (well Chinese companies, which amounts to the same thing) taking over ownership of infrastructure and resources after the host nation failed to live up to their onerous debt obligations. While one could rightly apportion blame for these situations to the countries in question China has been implicated in bribery of officials responsible for signing these contracts, rather suggesting that the 'imperialist' outcomes were very much the intention from the o
Why? (Score:3)
Did they want to check whether China was able to duplicate the research of some US university?
Soo ? (Score:2)
Every country does this. (Score:1)
I hate gizmodo (Score:2)
It's a leftist garbage gossip magazine, and why do nerds still give them any support?
Re: (Score:2)
But why? (Score:2)
This brings to mind Pee Wee Herman. (Score:2)
Well...DUH! (Score:2)
That's where you'll find the evidences of stolen data, ideas or processes.
Typical Chinese government hypocrisy (Score:1)
Research paper (Score:1)