Core Insights - The article highlights the increasing frequency and sophistication of cyberattacks by U.S. intelligence agencies targeting China's high-tech military and defense sectors, posing significant threats to national security [1][4] Group 1: Cyberattack Incidents - A notable incident involved the exploitation of a zero-day vulnerability in Microsoft Exchange, where U.S. intelligence agencies controlled a major military enterprise's email server for nearly a year, compromising over 50 critical devices and establishing covert channels for data theft [1][2] - Attackers utilized multiple foreign IP addresses to launch over 40 attacks, successfully stealing emails from 11 individuals, including high-ranking officials, related to military product designs and core system parameters [2] - Another incident targeted a military communications and satellite internet enterprise, where attackers exploited unauthorized access and SQL injection vulnerabilities to implant backdoor programs and malware, compromising over 300 devices and searching for sensitive data related to military networks [3] Group 2: Threat Landscape - In 2024 alone, there were over 600 cyberattack incidents against important Chinese entities, with the defense and military sectors being the primary targets, particularly from state-sponsored APT organizations [4] - U.S. intelligence-backed hacker groups are characterized by their organized attack teams, extensive engineering support systems, and advanced vulnerability analysis capabilities, posing a severe threat to China's critical information infrastructure and key personnel [4]
美方利用微软Exchange漏洞攻击我军工企业!详情披露