Summary: Chinese authorities and cybersecurity experts have attributed a series of cyberattacks on Northwestern Polytechnical University to the NSA, citing evidence such as IP addresses and deployed malware. The attacks are said to be tools for data theft and espionage, involving advanced techniques and methodologies linked to the NSAβs Tailored Access Operations division. While these allegations remain unverified, they highlight the complexities of cybersecurity attribution and operational security errors made by attackers.
Affected: Northwestern Polytechnical University, China
Keypoints :
- Chinaβs cybersecurity entities linked the NSA to extensive cyberattacks, peaking with a major incident in April 2022.
- Reports indicate the use of at least 41 malware strains and specific operational behaviors tied to American keyboard layouts and non-exploitation on US holidays.
- Alleged NSA tactics included exploiting zero-day vulnerabilities, man-in-the-middle attacks, and the usage of sophisticated espionage frameworks.
Source: https://www.securityweek.com/how-china-pinned-university-cyberattacks-on-nsa-hackers/