美情报机构盯上我国这一领域！详情披露

Core Insights - The article highlights the increasing frequency of cyberattacks by U.S. intelligence agencies targeting China's defense and military industry, posing significant threats to national security and research production safety [1][4]. Group 1: Cyberattack Incidents - A notable incident involved the exploitation of a zero-day vulnerability in Microsoft Exchange, where U.S. intelligence agencies controlled a major military enterprise's email server for nearly a year, compromising over 50 critical devices and establishing covert channels for data theft [1][2]. - Another incident targeted a communication and satellite internet military enterprise, where attackers used unauthorized access and SQL injection vulnerabilities to implant backdoor programs and malware, ultimately controlling over 300 devices and searching for sensitive military data [3]. Group 2: Attack Characteristics - The attackers employed multiple foreign IP addresses from countries such as Germany, Finland, South Korea, and Singapore to launch over 40 attacks, successfully stealing emails from 11 individuals, including high-ranking officials, related to military product designs and core system parameters [2][3]. - The attacks demonstrated advanced capabilities, including the use of log deletion, malware, and active monitoring of machine states to conceal their identities and intentions, indicating a high level of professionalism and strategic intent from state-sponsored hacker organizations [3][4]. Group 3: Overall Threat Landscape - In 2024 alone, there were over 600 cyberattack incidents against important Chinese entities, with the defense and military sector being the primary target, reflecting a systematic approach by U.S. intelligence-backed hacker groups [4].