Report unveils details of US cyberattack

[Photo/IC]

An implantation tool called “suctionchar” was used by the US National Security Agency to intercept passwords and login data during the cyberattack against internal servers at Northwestern Polytechnical University of China in April, according to a report released Tuesday.

Separately, traces of “suctionchar” were found in the networks of other institutes, which means that the NSA may have carried out a large-scale cyberattack against China, according to the report published by the National Computer Virus Emergency Response Center .

The tool, which has been described by security experts as “32 or 64 bit OS, solaris sparc 8.9, Kernel level implant”, mainly targets Unix and Linux platforms, is easily integrated and used with many other cyberattack tools and is difficult to detect. As well as intercepting passwords and login data, it can theoretically be used to obtain all sorts of other information and, according to the report, it’s a powerful weapon.

Codes for the implant were released in the report, which adds that the “suction” was used by the NSA’s Tailored Access Operations Office — a cyberwarfare intelligence collection unit — in the attack on the internal servers of the NPU, which is known for its programs in the fields of aeronautics, astronautics and marine technology engineering. The attack led to a continuous and large-scale leak of data sensitive.

According to the initial investigation, the malicious attack was just one of tens of thousands launched by TAO against targets in China in recent years, which leaked more than 140 gigabytes of high-value data, adds the report.

About Jon Moses

Check Also

IBM launches fourth-generation LinuxONE servers

IBM has unveiled the next generation of its LinuxONE server, which uses the Telum processor …