China claims US NSA hacked infrastructure and sent data back to headquarters

Beijing has long accused the US of carrying out cyber attacks on Chinese targets. But more recently, it has accused the US National Security Agency of hacking into specific targets.

Beebright | Istock | Getty Images

China accused a top US spy agency of stealing Chinese user data and infiltrating the country’s telecommunications infrastructure, according to a report published Tuesday that details the alleged cyberattack method.

Chinese state media first reported last week about an alleged attack by the US National Security Agency on the Chinese government-funded Northwestern Polytechnical University and promised more details would follow.

Tuesday’s report from China’s National Computer Virus Emergency Response Center and cybersecurity firm 360 details the specific ways in which the alleged attack was carried out.

The report adds even more tension between the US and China on the cyber front. Beijing has accused Washington of cyber attacks for years, but rarely reveals details about specific incidents. This new report is a change in approach from China.

The report, published in the state-sponsored People’s Daily, claims that the NSA began a man-in-the-middle attack on Northwestern Polytechnical University. Here a hacker intercepts digital communication between two parties. The NSA was able to get into the university’s network and get the credentials of people who worked there, allowing the U.S. agency to penetrate the systems further, the report claimed.

Inside the network, the NSA was able to gain further access to sensitive data and eventually get into the core data network of a telecommunications infrastructure operator remotely, the report claimed.

As part of the attack, the NSA was able to access the data of people in China with “sensitive identities” and send that information back to the agency’s US headquarters, the report claimed.

The NSA was not immediately available for comment when CNBC reached out.

The report from China’s National Computer Virus Emergency Response Center and 360 explains several reasons why the attack is blamed on the NSA.

Of the various hacking tools used, 16 were identical to the ones dumped online as of 2016 by a group called Shadow Brokers, who managed to access some of the NSA’s techniques and methods. NSA hackers also carried out attacks during U.S. work hours and stopped during holidays such as Memorial Day, the report claims.

The report also said the attackers were using American English, the devices linked to the hackers had an English-language operating system, and they were using an American keyboard for input.

Allegations of the NSA’s activity on Chinese infrastructure is another point of conflict in the US-China technology and cyber arena. Competition between the world’s two largest economies in areas from semiconductors to artificial intelligence has increased in recent years.

The US, for its part, has accused China of massive hacking operations. Christopher Wray, director of the Federal Bureau of Investigation, said in February that China’s cyberattacks “have become more brutal and damaging than ever before”.

Wray accused China of trying to steal American information and technology.

Leave a Comment