

Three cases of overseas cyber attack and secret stealing announced by the state security organ

Posted by truschel at 2020-03-18

Xinhua News Agency, Beijing, April 18 (Xinhua) -- With the significant improvement of China's comprehensive national strength and international status, overseas spy intelligence agencies have taken China as their main target and increasingly use cyber attacks as one of their main ways of stealing information. In their work, the national security organs have found that the spy intelligence organs of many countries and regions have carried out network attack and secret-stealing activities against China. The targets of attack include computers, e-mail, mobile intelligent terminals, important information systems, key information infrastructure, etc.

The state security organs are continuously increasing their efforts to crack down on cyber attacks and secret stealing by overseas spy and intelligence organs, and are effectively containing the harm these activities cause to our country. Recently, the national security organ released three cases of Internet attack and secret stealing by overseas spy intelligence organs against China, aiming to further improve the network security awareness of the whole society and build a strong line of defense for information security.

Case 1: The important information system of N network technology company was attacked, and its data stolen, by overseas spy intelligence agencies

N network technology company is an important domestic provider of e-mail system security products, mainly responsible for the design, development and maintenance of the internal e-mail systems of its customer units. Because it is qualified to build secret-related mail management systems, the company has a wide customer base in many important fields. As its reputation grew and its business developed, company N's customers continued to increase.

Because the company has limited personnel, one employee often deals with multiple customers, or one customer deals with different employees. Company N therefore stores sensitive information, such as the geographical location of many customers and the identity of their network management personnel, on a server in the company's intranet so that employees can query and use it at any time. At the same time, in order to save costs, N network technology company's network security precautions are not in place: the relevant equipment and systems are old, there are many security vulnerabilities, the security policies are not strictly enforced, and the company's employees set up channels between the internal and external networks in violation of regulations. Serious network security risks have existed for a long time.

The work of the national security organs found that, since 2014, the company's core application server has been repeatedly attacked by three overseas spy intelligence organs, which stole a large amount of sensitive data, harming China's network security and national security.

After the case, company N was ordered to suspend business for rectification and was fined by the competent department of the industry. At the same time, the national security authority required company N to reinforce the security of the user units involved in the incident one by one to eliminate the harmful effects.

Case 2: A case of illegal storage of secret-related data on a computer of a municipal office

In August 2018, the work of the national security organ found that the office computer used by Wang Mou, a cadre of the personnel department of the W Municipal Bureau of Agriculture, was remotely controlled by an overseas spy intelligence agency. After checking and collecting evidence from Wang's computer, it was found that, in addition to daily office documents, it held many topographic maps marked with a secret level.

According to Wang, these topographic maps were saved while helping a colleague, Xiao, make plans. Xiao is a staff member of a public institution under the Bureau who receives work tasks every year. When preparing a plan, he needs to produce the engineering planning layout. Xiao, who cannot do computer graphics, asked Wang for help. Xiao borrowed the local aerial topographic map from the archives, scanned it into an electronic version, saved it on his office computer, and sent it to Wang via QQ over the Internet. Following Xiao's requirements, Wang used mapping software to mark the information related to the project construction on the topographic map. After the mapping was completed, Wang sent these maps to Xiao through QQ email.

According to the examination by the staff of the national security organ, Wang's mailbox had received an abnormal e-mail. After he clicked to read it, a special Trojan horse program disguised as QQ was implanted on his computer. This led to his computer being remotely controlled by the overseas spy and intelligence organ, and all the stored documents and materials were stolen, including multiple topographic maps marked with a secret level.

Because the case is serious and has seriously harmed China's national security, the city immediately started accountability proceedings. The relevant responsible personnel shall be punished according to the corresponding laws, Party discipline and political discipline.

Case 3: A case of illegal use of e-mail by an official in Z city to transmit classified documents and data over the Internet

The work of the state security organ found that the e-mail account used by a bureau in Z city was controlled by a spy intelligence organ outside China. City Z is located in the border area of our country, and border troops are stationed on the border. The investigation found that the unit had long used its office telephone number as the mailbox password. The overseas spy intelligence agency used technical means to collect the telephone number and mailbox account of the bureau in Z city from the Internet, guessed the password and illegally took control of the mailbox.

During the investigation of the case, it was found that a large number of documents stored in the mailbox had been stolen by foreign spy intelligence agencies, and that the stolen documents recorded information on the distribution of the garrison in Z city.

By illegally using Internet e-mail to transmit classified documents and data, the unit violated the relevant confidentiality and security provisions, which constituted a situation endangering national security. The relevant units shall hold accountable the relevant leading cadres and several relevant staff involved in this case.

Network security is for the people, network security depends on the people, and maintaining network security is the common responsibility of the whole society. The national security organ reminds the public that in case of any suspicious situation endangering national security, they can call 12339 or log on to www.12339.gov.cn.