
1st LD-Writethru: Chinese police probe cyberattack targeting sci-tech company by overseas hackers

Xinhua | May 20, 2025

GUANGZHOU, May 20 (Xinhua) -- The backend system of the self-service equipment of a science and technology company based in Guangzhou, capital city of south China's Guangdong Province, suffered a cyberattack with malicious code uploaded, said a local police report released Tuesday.

Upon receiving the alarm, the police immediately launched an investigation, collected relevant samples, and lawfully secured electronic evidence, according to the report.

After conducting technical analysis on the cyberattack methods and related malicious code samples, the police have initially determined that this cyberattack was initiated by an overseas hacker organization.

The attackers bypassed the company's network security with technical means, illegally accessed the backend systems of self-service equipment, infiltrated and took control of multiple online devices through lateral movement, according to local police.

They illegally uploaded multiple malicious programs to the backend systems of the controlled devices. The official site and certain business systems of the company were impacted, resulting in a network service outage for several hours.

The attack caused significant losses to the company, while private information of some users is suspected to have been leaked.

Following the incident, the company activated its emergency response plan immediately, tried to recover the systems, and filed a report with the local police.

The public security agency extracted samples of the attack programs, thoroughly secured relevant evidence, and deployed a specialized technical team to trace the source of the breach.

This cyberattack was an organized and premeditated large-scale operation conducted by an overseas hacker organization, the police said, noting that it bore distinct hallmarks of cyber warfare and surpassed the capability of ordinary individual hackers.

Preliminary tracing revealed that the hacker group has long been using open-source tools to scan and probe network assets of critical authorities, sensitive industries, and technology companies, while extensively searching for potential targets, according to police reports.

The group has employed technical means to identify vulnerabilities and attack vectors in the target entities' network defense system, awaiting opportunities to infiltrate and control systems, stealing and destroying sensitive data while disrupting the normal operations of affected organizations, the police noted.

The technical team's analysis indicated that the attackers demonstrated a low level of technical sophistication, leaving behind substantial digital traces during the attack. The police are conducting technical analysis and investigations into these digital traces.

This cyberattack not only infringed on the lawful interests of the company but also severely threatened China's cyberspace order and public interests, the report emphasized. The police will crack down on such illegal activities in accordance with the law.
