Investigation report: A large number of Trojan programs used in cyber attacks in China are associated with the CIA

The National Computer Virus Emergency Response Center and 360 Company jointly released an investigation report today (May 4). The report describes the CIA's use of the network to attack other countries, sets out the specific process of some typical cyber security incidents in China and other countries, and analyzes comprehensively and in depth the CIA's cyber attacks and related real-world harmful activities, as well as its contribution to the United States becoming a "matrix". The release of this report will provide reference and suggestions for cyber attack victims all over the world.

The US Central Intelligence Agency (CIA) is one of the main intelligence agencies of the US federal government. For a long time, the CIA has secretly carried out "peaceful evolution" and "color revolution" around the world, and continued to carry out espionage activities.

In 2020, 360 Company independently discovered a cyber attack organization that had never been publicly exposed. The organization used cyber weapon tools associated with the CIA to carry out cyber attacks against victims in China and other countries. The earliest attack activities can be traced back to 2011, and related attacks have continued to this day. The targets of the attacks include important information infrastructure, aerospace, scientific research institutions, the petroleum and petrochemical industry, large Internet companies and government agencies.

The investigation team jointly established by the National Computer Virus Emergency Response Center and 360 Company found that, in the massive global cyber attack, the CIA used a large number of "zero-day" vulnerabilities, including a large number of back doors and vulnerabilities that have not been publicly disclosed so far (some functions have been verified). It set up "zombie" networks and attack springboard networks around the world, and carried out attacks and intrusions in stages against network servers, network terminals, switches and routers, and a large number of industrial control devices.

During the investigation of several typical cyber attacks in China, the joint investigation team captured and successfully extracted a large number of Trojan horse programs, functional plug-ins and attack platforms closely related to the CIA from the information networks of the victim organizations. These related cyber weapons have been subjected to extremely strict, standardized, process-driven and professional software engineering management. At present, only the CIA strictly abides by these standards and norms when developing cyber attack weapons.

Through empirical analysis, the joint investigation team found that the CIA's cyber weapons follow extremely strict espionage technical specifications, and that its various attack methods complement and interlock with one another. They now cover almost all Internet and Internet of Things assets in the world, and can be used to control other countries' networks and steal important and sensitive data anytime and anywhere, which undoubtedly requires a great deal of financial, technical and human resources. American-style cyber hegemony is plain to see, and the "matrix" deserves its name.

At present, the joint investigation team has provided relevant information to the public security organs in the jurisdictions where the victim organizations are located. This station will continue to follow developments in this matter.