[Explanation] Recently, China's Northwestern Polytechnical University suffered a cyber attack and attracted attention.
According to relevant departments, the incident was a cyberattack by the Special Intrusion Operations Office (TAO) of the National Security Agency (NSA).
What solid evidence do we have to lock down the "black hand" behind it?
What are the warning signs of cyberattacks at the national level?
In this regard, the reporter interviewed Zhou Hongyi, founder of 360 Company, who participated in joint technical analysis and traceability, and answered the above questions.
[Concurrent] Zhou Hongyi, founder of 360 Company
The bottom line is that it's not the first time we've caught the NSA, and we've caught the NSA twice in other attacks in the past two years.
It used more than a dozen cyber weapons at Northwestern Polytechnical University, each targeting a different platform, for a different purpose, and even each weapon used a different vulnerability.
Therefore, in order to track the US NSA's cyber warfare weapons, we analyzed many code samples in its history.
Therefore, this time through the verification of this code habit, including the composition of some attack modules, as well as some internal code naming habits, we can basically fix this chain of evidence more accurately, proving that it is the US NSA.
[Explanation] Zhou Hongyi said that cyber warfare is not divided into peacetime and wartime.
In many cyber warfare, some attack software is infiltrated into each other's important systems in friendly and peaceful times.
[Concurrent] Zhou Hongyi, founder of 360 Company
There is no difference between peacetime and wartime.
Traditional warfare may not break out until war is declared, but the more friendly and peaceful cyber warfare is, they actually use cyber attacks to lurk or infiltrate some attack software and spyware into you. important systems.
One is that most of the means of obtaining intelligence now is through online attacks; the second is that if one day the relationship between the two countries is not good, I hope to paralyze your infrastructure through cyber attacks.
[Explanation] Zhou Hongyi emphasized that with the accelerating pace of China's digital transformation, the prevention of China's infrastructure is the next stage to focus on.
[Concurrent] Zhou Hongyi, founder of 360 Company
With the rapid digitization of cities in China, digital government and smart cities should be said that more and more of our infrastructure are also being digitized. Therefore, in the future, attacks on urban infrastructure will become an important precaution for us in the next stage. .
I think we need to increase this top-level design for digital security.
It is necessary to turn digital security into the entire digital security base to escort the digital strategy.
[Explanation] At the same time, Zhou Hongyi said that through this cyber attack incident, it also reminded us to establish a national-level attack gene bank and sample bank, so that we can accurately trace the source of cyber attacks in the future.
[Concurrent] Zhou Hongyi, founder of 360 Company
So I think through the evidence from Northwestern Polytechnical University this time, we can see that the entire cyber warfare is also very secretive.
The biggest challenge that cyber warfare has long posed to our nation is that they will find ways to keep us out of sight.
This time, I think Northwestern Polytechnical University has performed very well. After finding some clues, I quickly called the police.
Many units may have been attacked, and I don't know it yet.
In the future, a national-level attack gene bank and a sample bank should be established for the country. With this thing, when someone hits you, you will be more and more accurate when you discover the attack and trace the source.
Reported by Chi Hanyu and Xia Bin in Beijing
Responsible editor: [Luo Pan]