<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title>Northwestern Polytechnical University Hit by Cyberattack: the Source Turns Out to Be the US National Security Agency_电脑报在线</title> <meta http-equiv="Cache-Control" content="no-transform" /> <meta http-equiv="Cache-Control" content="no-siteapp" /> </head> <body> <div id="warp"> <div id="main"> <div id="mainlft"> <div class="sub4lft"> <div class="sub4textit"> Northwestern Polytechnical University Hit by Cyberattack: the Source Turns Out to Be the US National Security Agency </div> <div class="sub4textexpl"> <ul> <li>2022/9/7 14:53:30</li> <li>Type: Original</li> <li>Source: <span>电脑报</span></li> <li>Newspaper editor: <a id="editor" href="/EditorArticle/40/" style="text-decoration: underline; color: blue;">电脑报</a></li> <li>Author:</li> </ul> </div> <div class="sub4summary"> 
[电脑报在线] On September 5, the National Computer Virus Emergency Response Center released the "Investigation Report on the US NSA Cyberattack against Northwestern Polytechnical University (Part 1)". </div> <div class="sub4text"> <div class="rich_media_content " id="js_content" style="margin: 0px; padding: 0px; outline: 0px; overflow: hidden; color: rgb(34, 34, 34); font-size: 17px; overflow-wrap: break-word; text-align: justify; position: relative; z-index: 0; font-family: system-ui, -apple-system, BlinkMacSystemFont, &quot;Helvetica Neue&quot;, &quot;PingFang SC&quot;, &quot;Hiragino Sans GB&quot;, &quot;Microsoft YaHei UI&quot;, &quot;Microsoft YaHei&quot;, Arial, sans-serif; letter-spacing: 0.544px; visibility: visible;"><section data-tools="135编辑器" data-id="88174" data-color="#ac1d10" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><section data-width="100%" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><section data-width="15%" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><p style="margin: 0px 0px 0em; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; clear: both; min-height: 1em; 
text-align: center; visibility: visible;"><br /></p><section label="Copyright 2018 iPaiban All Rights Reserved (本样式已做版权保护,未经正式授权不允许任何第三方编辑器、企业、个人使用,违者必究)" donone="shifuMouseDownPayStyle('shifu_qmi_021')" style="margin: 0.5rem auto; padding: 0px; outline: 0px; max-width: 100%; color: rgb(0, 0, 0); font-family: 微软雅黑, &quot;Microsoft YaHei&quot;; font-size: 16px; text-align: start; width: 612.3px; border-width: initial; border-style: none; border-color: initial; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; width: 612.3px; text-align: center; visibility: visible;"><section style="margin: 0px; padding: 0px 0px 2px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; border-bottom: 2px solid red; display: inline-flex; visibility: visible;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; border-bottom: 1px dashed red; display: inline-flex; font-size: 1rem; visibility: visible;"><p style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; clear: both; min-height: 1em; visibility: visible;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 14px; visibility: visible;">Major Investigation Findings</span></span></p></section></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em; 
visibility: visible;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; color: rgb(0, 0, 0); font-size: 15px; visibility: visible;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;" /></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em; visibility: visible;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; color: rgb(0, 0, 0); font-size: 15px; visibility: visible;">On September 5, the National Computer Virus Emergency Response Center released the "Investigation Report on the US NSA Cyberattack against Northwestern Polytechnical University (Part 1)". The technical team successively extracted multiple trojan samples from several of the university's information systems and internet-connected terminals. Drawing on existing domestic data resources and analysis methods, and with the full support of partners in some European and South Asian countries, it reconstructed the overall picture, technical characteristics, attack weapons, attack paths and attack source of the incidents, and made the preliminary determination that the attack activity originated from the "Office of Tailored Access Operation" (TAO) of the US National Security Agency (NSA).<br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;" /></span></section></section></section></section></section></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em; visibility: visible;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em; visibility: visible;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; 
font-size: 15px; color: rgb(0, 0, 0); visibility: visible;">According to the report, TAO successively used 41 kinds of NSA-specific cyberattack weapons in its operation against Northwestern Polytechnical University. During the attack, TAO also flexibly configured the same weapon according to the target environment.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em; visibility: visible;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em; visibility: visible;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">The person in charge of the attack has also surfaced. According to the report, the head of TAO during the period in which the NSA attacked and stole data from Northwestern Polytechnical University was Robert Edward Joyce.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section data-role="title" data-tools="135编辑器" 
data-id="6" data-color="#ac1d10" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section data-width="100%" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section label="Copyright 2018 iPaiban All Rights Reserved (本样式已做版权保护,未经正式授权不允许任何第三方编辑器、企业、个人使用,违者必究)" donone="shifuMouseDownPayStyle('shifu_qmi_021')" style="margin: 0.5rem auto; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; width: 612.3px; border-width: initial; border-style: none; border-color: initial;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; width: 612.3px; text-align: center;"><section style="margin: 0px; padding: 0px 0px 2px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; border-bottom: 2px solid red; display: inline-flex;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; border-bottom: 1px dashed red; display: inline-flex; font-size: 1rem;"><p style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; clear: both; min-height: 1em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; 
max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; text-align: justify; font-size: 14px;">The Truth Released</span></span></p></section></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section></section></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">From September 5 to 11, the 2022 National Cybersecurity Publicity Week was held simultaneously across the country. Holding the publicity week and raising the whole population's cybersecurity awareness and skills is an important part of the country's cybersecurity work.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">It was also on this day (September 5) that the National Computer Virus Emergency Response Center released the "Investigation Report on the US NSA Cyberattack against Northwestern Polytechnical University (Part 1)".</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; 
box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">On June 22, 2022, Northwestern Polytechnical University issued a "Public Statement" saying that the university had suffered a cyberattack from abroad. The Beilin Branch of the Xi'an Public Security Bureau in Shaanxi Province then issued a "Police Bulletin" confirming that multiple trojan samples of foreign origin had been found in the university's information network, and that Xi'an police had formally opened an investigation.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">According to CCTV News, the National Computer Virus Emergency Response Center and the company 360 jointly formed a technical team (hereinafter "the technical team") that took part in the technical analysis of the case throughout. The technical team successively extracted multiple trojan samples from several of the university's information systems and internet-connected terminals. Drawing on existing domestic data resources and analysis methods, and with the full support of partners in some European and South Asian countries, it reconstructed the overall picture, technical characteristics, attack weapons, attack paths and attack source of the incidents, and made the preliminary determination that the attack activity originated from the "Office of Tailored Access Operation" (hereinafter TAO) of the US National Security Agency (NSA).</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: 
break-word !important;" /></section><section data-role="title" data-tools="135编辑器" data-id="6" data-color="#ac1d10" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section data-width="100%" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section label="Copyright 2018 iPaiban All Rights Reserved (本样式已做版权保护,未经正式授权不允许任何第三方编辑器、企业、个人使用,违者必究)" donone="shifuMouseDownPayStyle('shifu_qmi_021')" style="margin: 0.5rem auto; padding: 0px; outline: 0px; max-width: 100%; color: rgb(0, 0, 0); font-family: 微软雅黑, &quot;Microsoft YaHei&quot;; font-size: 16px; text-align: start; width: 612.3px; border-width: initial; border-style: none; border-color: initial; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; width: 612.3px; text-align: center;"><section style="margin: 0px; padding: 0px 0px 2px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; border-bottom: 2px solid red; display: inline-flex;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; border-bottom: 1px dashed red; display: inline-flex; font-size: 1rem;"><p style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; clear: both; min-height: 1em;"><span style="margin: 0px; 
padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-family: mp-quote, -apple-system-font, BlinkMacSystemFont, &quot;Helvetica Neue&quot;, &quot;PingFang SC&quot;, &quot;Hiragino Sans GB&quot;, &quot;Microsoft YaHei UI&quot;, &quot;Microsoft YaHei&quot;, Arial, sans-serif; text-align: justify; font-size: 14px;">Detailed Reconstruction of the Process</span></span></p></section></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section></section></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">The investigation found that in recent years TAO, a unit under the US NSA, has carried out more than ten thousand malicious cyberattacks against network targets inside China, taken control of tens of thousands of network devices (network servers, internet terminals, network switches, telephone switches, routers, firewalls and so on), and stolen more than 140GB of high-value data. TAO used its cyberattack weapon platforms, "zero-day vulnerabilities" (0day) and the network devices under its control to keep expanding its cyberattacks and their scope.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; 
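max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Through technical analysis and tracing, the technical team has clarified the attack infrastructure, dedicated weapons and tactics used in TAO's attack activity, reconstructed the attack process and the stolen files, and obtained evidence of the cyberattacks and data theft carried out by the US NSA and its subordinate TAO against China's information networks. The evidence involves 13 people who launched cyberattacks against China directly from inside the United States, more than 60 contracts that the NSA signed with US telecom operators through cover companies in order to build its attack environment, and more than 170 electronic documents.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">In the attack on Northwestern Polytechnical University, TAO used more than 40 different NSA-exclusive cyberattack weapons to carry out sustained attacks and data theft, stealing core technical data such as the configuration of the university's key network devices, network management data, and operations and maintenance data. Through forensic analysis, the technical team has found more than 1,100 attack links through which the attackers penetrated the university's internal network and more than 90 operated command sequences, and has located in the compromised network devices multiple stolen device configuration files, sniffed network communication data and passwords, other kinds of logs and key files, and other main details related to the attack activity.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 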
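0);">To cover its operations, TAO carries out lengthy preparation before starting, mainly building anonymized attack infrastructure. Using two "zero-day" exploit tools it held for the SunOS operating system, TAO selected servers carrying heavy network application traffic, such as those of educational institutions and commercial companies in countries neighbouring China, as targets; after a successful attack it installed the NOPEN trojan (see the relevant research report) and took control of a large number of jump hosts.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">In its operation against Northwestern Polytechnical University, TAO successively used 54 jump hosts and proxy servers, located mainly in 17 countries including Japan, South Korea, Sweden, Poland and Ukraine, 70% of them in countries neighbouring China such as Japan and South Korea.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">These jump hosts were limited to relaying commands, that is, forwarding the instructions from the previous hop to the target system, thereby hiding the real IP from which the US National Security Agency launched the attacks. At least four IP addresses from which TAO controlled the jump hosts from its access environment (US domestic telecom operators) are now known: 209.59.36.*, ?9.165.54.*, ?07.195.240.* and ?09.118.143.*. In addition, to further hide the relationship between the jump hosts and proxy servers and the NSA, the NSA used the anonymity protection service of the US company Register to anonymize traceable information such as the related domain names, certificates and registrants, so that it cannot be queried through public channels.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box 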
!important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">By correlating threat intelligence data, the technical team found that the network resources used by the attack platform against Northwestern Polytechnical University involved 5 proxy servers in total. Through two secretly established cover companies, the NSA purchased IP addresses in Egypt, the Netherlands, Colombia and elsewhere from the US company Terremark and rented a batch of servers. The two companies are Jackson Smith Consultants and Mueller Diversified Systems.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">The technical team also found that staff of TAO's Infrastructure Technology Division (MIT) used the name "Amanda Ramirez" to anonymously purchase domain names and a general-purpose SSL certificate (ID: e42d3bea0a16111e67ef79f9cc2*****). The domain names and certificate were then deployed on "Foxacid" (酸狐狸), a man-in-the-middle attack platform located on US soil, to attack a large number of network targets in China. In particular, TAO carried out multiple rounds of sustained attack and data-theft operations against Chinese information network targets such as Northwestern Polytechnical University.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">In its operation against Northwestern Polytechnical University, TAO successively used 41 kinds of NSA-specific cyberattack weapons, and during the attack it flexibly configured the same weapon according to the target environment. For example, among the weapons used against the university, the backdoor tool "Cunning Heretic" (狡诈异端犯, as named by the NSA) alone appeared in 14 different versions. The technical team divides the tools TAO used in this attack activity into four broad categories, as follows:</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section data-role="title" data-tools="135编辑器" 
data-id="87856" data-color="#ac1d10" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(2, 30, 170);">1. Vulnerability exploitation and breakthrough weapons</span></span></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; color: rgb(0, 0, 0); font-size: 15px;">TAO relied on weapons of this category to break into Northwestern Polytechnical University's border network devices, gateway servers, office intranet hosts and so on. They were also used to attack and take control of overseas jump servers in order to build an anonymized network as cover for its operations. </span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; color: rgb(0, 0, 0); font-size: 15px;">There are 3 weapons in this category:</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; color: rgb(0, 0, 0); font-size: 15px;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: 
break-word !important;" /></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">① “Razor”</span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon can carry out remote vulnerability attacks against X86 and SPARC Solaris systems that expose specified RPC services. During an attack it can automatically detect which services the target system exposes and intelligently select a suitable version of the exploit code, directly obtaining full control of the target host. This weapon was used to attack jump servers in Japan, South Korea and other countries, and the jump servers it controlled were used in the cyberattack against Northwestern Polytechnical University.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: 
border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">② “Island”</span></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon can likewise carry out remote overflow attacks against Solaris systems that expose specified RPC services, directly obtaining full control of the target host. Unlike “Razor”, this tool cannot detect on its own which services the target exposes; the operator must manually configure the target and the related parameters. The NSA used this weapon to attack and take control of Northwestern Polytechnical University's border servers.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">③ “Foxacid” weapon platform</span></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon platform is deployed in Colombia and can be used together with the “Second Date” man-in-the-middle attack weapon. It can intelligently configure exploit payloads to carry out remote overflow attacks against mainstream browsers on multiple platforms, including IE, FireFox, Safari and Android Webkit, to obtain control of the target system (for details, see the National Computer Virus Emergency Response Center's “Technical Analysis Report on the US National Security Agency (NSA) ‘Foxacid’ Vulnerability Attack Weapon Platform”). TAO mainly used this weapon platform to intrude into hosts on Northwestern Polytechnical University's office intranet.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section data-role="title" data-tools="135编辑器" data-id="87856" data-color="#ac1d10" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; color: rgb(2, 30, 170);"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; font-size: 15px; box-sizing: border-box !important; overflow-wrap: break-word !important;">2. Persistent control weapons</span></span></span></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 
0);">TAO relied on weapons of this category to maintain covert, persistent control over Northwestern Polytechnical University's network. TAO operation teams could send control commands over encrypted channels to operate these weapons and carry out penetration, control and data theft against the university's network. There are 5 weapons in this category:</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">① “Second Date”</span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon resides long-term on network border devices and servers such as gateway servers and border routers. It can precisely filter and automatically hijack massive volumes of data traffic, implementing man-in-the-middle attack functionality. TAO installed this weapon on Northwestern Polytechnical University's border devices to hijack traffic flowing through them and redirect it to the “Foxacid” platform for vulnerability attacks.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; 
padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">② “NOPEN”</span></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon is a remote-control trojan that supports multiple operating systems and different architectures. It can receive commands through an encrypted tunnel to perform file management, process management, system command execution and other operations, and it has its own privilege escalation and persistence capabilities (for details, see the National Computer Virus Emergency Response Center's “‘NOPEN’ Remote Control Trojan Analysis Report”). TAO mainly used this weapon to maintain persistent control over core business servers and key network devices inside Northwestern Polytechnical University's network.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">③ “Fury Spray”</span></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; 
overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon is a Windows-based remote-control trojan that supports multiple operating systems and different architectures. It can generate different types of trojan server components customized to the target system environment, and the server component itself has very strong anti-analysis and anti-debugging capabilities. TAO mainly used this weapon together with the “Foxacid” platform to maintain persistent control over personal hosts inside Northwestern Polytechnical University's office network.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">④ “Cunning Heretics”</span></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon is a lightweight backdoor implant tool. It deletes itself after running, has privilege escalation capability, resides persistently on the target device and can start with the system. TAO mainly used this weapon to achieve persistence so that, at a suitable moment, it could establish an encrypted channel to upload the NOPEN trojan, ensuring long-term control over Northwestern Polytechnical University's information network.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box 
!important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">⑤ “Stoic Surgeon”</span></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon is a backdoor targeting 4 types of operating systems: Linux, Solaris, JunOS and FreeBSD. It can run persistently on the target device and, on command, hide specified files, directories, processes and so on. TAO mainly used this weapon to hide the NOPEN trojan's files and processes so that monitoring would not discover them. Technical analysis found that TAO used a cumulative total of 12 different versions of this weapon in its cyberattack against Northwestern Polytechnical University.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section data-role="title" data-tools="135编辑器" 
data-id="87856" data-color="#ac1d10" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; color: rgb(2, 30, 170);"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; font-size: 15px; box-sizing: border-box !important; overflow-wrap: break-word !important;">3. Sniffing and data-theft weapons</span></span></span></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">TAO relied on weapons of this category to sniff the account credentials and command-line operation records that Northwestern Polytechnical University staff used when operating and maintaining the network, and to steal sensitive information and operations data from inside the university's network. There are two weapons in this category:</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 
0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">① “Drinking Tea”</span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon can reside long-term on 32-bit or 64-bit Solaris systems and obtains account credentials exposed by ssh, telnet, rlogin and other remote login methods by sniffing inter-process communication. TAO mainly used this weapon to sniff the account credentials, command-line operation records, log files and so on generated when Northwestern Polytechnical University's business staff performed operations and maintenance work; the data was compressed, encrypted and stored for the NOPEN trojan to download.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: 
break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">② “Operation Behind Enemy Lines” series weapons</span></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This series of weapons consists of tools built specifically for particular business systems of telecom operators. Depending on the type of the controlled business device, “Operation Behind Enemy Lines” is used together with different parsing tools. In its cyberattack against Northwestern Polytechnical University, TAO used 3 types of attack and data-theft tools targeting telecom operators, including “Magic School”, “Clown Food” and “Cursed Fire”.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section data-role="title" data-tools="135编辑器" 
data-id="87856" data-color="#ac1d10" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; color: rgb(2, 30, 170); font-size: 15px;">4. Concealment and trace-removal weapons</span></span></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">TAO relied on weapons of this category to erase traces of its activity inside Northwestern Polytechnical University's network, to hide and disguise its malicious operations and data theft, and to protect the three categories of weapons described above. 1 weapon of this category has been found so far:</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section 
style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">“Toast Bread”</span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">This weapon can be used to view and modify log files such as utmp, wtmp and lastlog in order to clear operation traces. TAO mainly used this weapon to clear and replace various log files on the controlled internet-access devices of Northwestern Polytechnical University, hiding its malicious activity. TAO used 3 different versions of “Toast Bread” in its cyberattack against Northwestern Polytechnical University.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section data-role="title" data-tools="135编辑器" 
data-id="6" data-color="#ac1d10" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section data-width="100%" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Attack attribution</span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"></span></section></section></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Combining the above technical analysis results with the findings of the traceability investigation, the technical team made the preliminary determination that the cyberattack operation against Northwestern Polytechnical University was carried out by the TAO (code S32) department under the Data Reconnaissance Bureau (code S3) of the Information Intelligence Department (code S) of the US National Security Agency (NSA). The department was established in 1998, and the deployment of its forces relies mainly on the NSA's cryptologic centers in the United States and Europe.</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box 
!important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">The six cryptologic centers that have been made public so far are:</span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);"></span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section data-tools="135编辑器" 
data-id="86005" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section data-autoskip="1" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">1. NSA headquarters at Fort Meade, Maryland, USA;</span></section><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">2. NSA Hawaii Cryptologic Center (NSAH) on Oahu, Hawaii, USA;</span></section><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; 
overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">3. NSA Georgia Cryptologic Center (NSAG) at Fort Gordon, Georgia, USA;</span></section><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">4. NSA Texas Cryptologic Center (NSAT) in San Antonio, Texas, USA;</span></section><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">5. NSA Colorado Cryptologic Center (NSAC) at Markley Air Force Base, Denver, Colorado, USA;</span></section><section style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; 
line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">6. NSA European Cryptologic Center (NSAE) at the US military base in Darmstadt, Germany.</span></section></section></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">TAO is currently the US government's tactical implementation unit dedicated to large-scale cyberattack and data-theft activities against other countries. It consists of more than 2,000 military and civilian personnel, and its internal divisions include:</span></section><section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section><section data-tools="135编辑器" 
data-id="86005" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><section data-autoskip="1" style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Division 1: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Remote Operations Center (ROC, code S321), mainly responsible for operating weapon platforms and tools to gain entry to and control target systems or networks.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Division 2: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 
100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Advanced/Access Network Technology Division (ANT, code S322), responsible for researching related hardware technology and providing hardware-related technology and weapon equipment support for TAO cyberattack operations.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Division 3: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Data Network Technology Division (DNT, code S323), responsible for developing sophisticated computer software tools to support TAO operators in carrying out cyberattack missions.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; 
max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Division 4: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Telecommunications Network Technology Division (TNT, code S324), responsible for researching telecommunications-related technology to support TAO operators in covertly penetrating telecommunications networks.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Division 5: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Mission Infrastructure Technology Division (MIT, code S325), responsible for developing and building network infrastructure and security monitoring platforms, used to construct the network environment and anonymous networks for attack operations.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 
1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Division 6: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Access Operations Division (ATO, code S326), responsible for installing backdoors, via the supply chain, in products about to be delivered to targets.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Division 7: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Requirements and Targeting Division (R&amp;T, code S327), which receives tasks from the relevant units, determines reconnaissance targets, and analyzes and assesses the value of intelligence.</span></section></section></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: 
break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">S32P: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Project Plans Integration Division (PPI, code S32P), responsible for overall planning and project management.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">NWT: </span></span><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">Cyber Warfare Team (NWT), responsible for liaising with the cyber operations teams.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word 
!important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">The U.S. National Security Agency (NSA) attack operation against Northwestern Polytechnical University was codenamed “阻击XXXX” (shotXXXX). The operation was commanded directly by the head of TAO. MIT (S325) was responsible for building the reconnaissance environment and leasing attack resources; R&amp;T (S327) for determining the attack strategy and assessing intelligence; ANT (S322), DNT (S323) and TNT (S324) for providing technical support; and ROC (S321) for organizing and carrying out the attack and reconnaissance operations. It follows that those directly involved in command and operations mainly included the head of TAO and units S321 and S325.</span></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><br style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;" /></section>
<section style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; line-height: 1.75em;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 15px; color: rgb(0, 0, 0);">The head of TAO during the NSA's attack on and data theft from Northwestern Polytechnical University was Robert Joyce (Robert Edward Joyce). He was born on September 13, 1967, attended Hannibal High School, graduated from Clarkson University in 1989 with a bachelor's degree, and graduated from Johns Hopkins University in 1993 with a master's degree. He joined the U.S. National Security Agency in 1989. He served as deputy director of TAO, was director of TAO from 2013 to 2017, and in October 2017 became acting U.S. Homeland Security Advisor. From April to May 2018 he served as White House state security adviser; he then returned to the NSA as senior advisor to the NSA Director on cybersecurity strategy, and is currently the NSA's head of cybersecurity.</span></section>
<p style="margin: 0px 8px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; letter-spacing: 0.544px; font-family: -apple-system, BlinkMacSystemFont, 'Helvetica Neue', 'PingFang SC', 'Hiragino Sans GB', 'Microsoft YaHei UI', 'Microsoft YaHei', Arial, 
sans-serif; line-height: 1.75em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; font-size: 14px; color: rgb(136, 136, 136);"><span style="margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Editor | Zhang</span></span></p></div> </div>
<div class="sub4frht"> This article appeared in Computer News (《电脑报》), issue 35 of 2022, published 2022-09-05, section A: News Weekly<br /> (Web editor: qiaoyun)<br /> </div> </div>
</div>
</div> </div>
</body> </html>