The Wuhan Municipal Emergency Management Bureau, which is affiliated with the Wuhan Earthquake Monitoring Center, said in a statement on Wednesday that the Wuhan Earthquake Monitoring Center has recently suffered cyber attacks launched by foreign organizations. This is another such case after overseas cyberattacks on Chinese universities in June 2022.
The expert team of the case determined that the cyber attack was initiated by overseas hacker organizations and lawbreakers with government background. Preliminary evidence suggests that the government-backed cyber attack on the center came from the United States, the Global Times has learned.
The Wuhan Municipal Emergency Management Bureau issued a statement on Wednesday saying that the National Computer Virus Monitoring Center has detected that some network equipment at the front-end collection point of the Wuhan Earthquake Monitoring Center has been attacked by foreign organizations. Emergency Response Center (CVERC) and Chinese Internet security company 360
The affected devices have been immediately blocked and reported to the public security organs so that the case can be investigated and the hacker group and criminals dealt with in accordance with the law, the statement said.
The Jianghan Branch of the Wuhan Public Security Bureau confirmed that the Wuhan Earthquake Monitoring Center discovered a Trojan horse program originating from abroad. According to the Public Security Bureau, the Trojan horse program can illegally control and steal the seismic intensity data collected by the front-end station. This act poses a serious threat to national security.
The public security organ has filed a case for investigation on this matter, and further conducted technical analysis on the extracted Trojan horse samples. It was preliminarily determined that the incident was a cyber attack initiated by overseas hacker organizations and criminals.
Professionals told the Global Times that seismic intensity data refers to the intensity and magnitude of an earthquake, two important indicators for measuring the destructive power of an earthquake.
Experts told the Global Times that the data is closely related to national security. For example, these factors need to be considered when constructing certain military defense facilities. After the overseas hacker organization attacked Northwestern Polytechnical University in June 2022, the Wuhan earthquake
The monitoring center has become another national unit that has suffered cyber attacks from abroad.
After the attack on Northwestern Polytechnical University, CVERC and 360 jointly formed a technical team to conduct a comprehensive technical analysis of the case. They concluded that the cyberattack was launched by the US National Security Agency (NSA)'s Tailored Access Operation (TAO).
According to the Global Times, an expert technical team composed of CVERC and network security company 360 has arrived in Wuhan to carry out evidence collection in the latest case. Preliminary evidence suggests that the cyber attack on the Wuhan Earthquake Monitoring Center came from the United States.
According to the monitoring results of Qihoo 360, the U.S. National Security Agency has launched cyber attacks on at least hundreds of important domestic information systems in China, and found that a Trojan horse program named "validator" was running in the information systems of multiple departments, and transmitted to Information provided by NSA Headquarters.
Moreover, the survey results show that not only China, but also a large number of "verifier" Trojan horses are running in the critical information infrastructure of other countries, and the number of such programs implanted in the systems of these countries far exceeds that of China.
The CIA is another notorious cyber attack and theft organization in the United States besides the National Security Agency. According to CVERC's research, the CIA's cyber attacks have shown the characteristics of automation, systematization, and intelligence.
The CIA's latest cyberweapon adopts extremely strict espionage specifications, and various attack techniques are linked together. Now it covers almost all Internet and IoT assets in the world, and can control the networks of other countries and steal their important and sensitive data anytime and anywhere.
Observers pointed out that while the United States has stepped up attacks on global targets and stolen secrets, it has also spared no effort to blame other countries.
It gathers so-called allies, promotes "China's cyber threat theory", slanders and slanders China's cyber security policy, and has been repeatedly criticized by the Chinese Ministry of Foreign Affairs.
On July 19, Foreign Ministry spokesperson Mao Ning stated at a regular press conference that China is a victim of cyber attacks and firmly opposes such acts.
“For years, the U.S. has conducted indiscriminate and large-scale cyber attacks on other countries,” she said. “U.S. Cyber Force Command publicly declared last year that critical infrastructure in other countries was a legitimate target for U.S. cyber attacks. people's concerns."