US hacked into Chinese earthquake monitoring systems to spy upon underground military bases

A recent cyberattack on the Wuhan Earthquake Monitoring Center was carried out by an entity located outside of China, according to a statement issued by the city’s emergency management bureau on Wednesday. The center is associated with the emergency management bureau. Following the hack launched from outside of China on a Chinese university in June 2022, this is yet another instance of its sort.The investigation team came to the conclusion that the cyberattack was carried out by a hacking organization and lawbreakers with governmental backgrounds who were located in a nation other than the one being investigated. According to information obtained by the Global Times, preliminary evidence reveals that a government-backed hack on the institution originated in the United States.

A cyberattack on some of the network equipment of the front-end station collection points of the Wuhan Earthquake Monitoring Center was discovered by the National Computer Virus Emergency Response Center (CVERC) and the Chinese internet security company 360 on Wednesday, according to a statement released by the Wuhan Municipal Emergency Management Bureau.

According to the statement, the center has swiftly taken measures to prevent further damage by isolating the damaged pieces of machinery and has informed the relevant authorities about the attack. This will allow the authorities to conduct an investigation into the matter and deal with the hacker group and criminals in accordance with the law. Following the attacks on Northwestern Polytechnical University (NWPU) in Xi’an, Northwest China’s Shaanxi Province, by an offshore hacking group in June 2022, the Wuhan Earthquake Monitoring Center is another national entity that has been victim to a cyberattack from outside the country. This attack comes on the heels of the attack on NWPU.

Following the incident on NWPU, the CVERC and the business 360 collaborated to establish a technical team that would carry out an in-depth investigation into the technical aspects of the case. They came to the conclusion that the hack was carried out by the Tailored Access Operations (TAO) division of the National Security Agency (NSA) in the United States.
The seismic intensity data refers to the intensity and size of an earthquake, which are two essential indications of an earthquake’s destructive potential, as was pointed out by experts in the field. Data on seismic intensity has a tight relationship to national security; for instance, some military defensive installations are required to take into consideration parameters such as seismic intensity, according to the opinions of many specialists.

According to a statement made by an expert that was cited by China Central Television (CCTV), seismic waves that travel through various subsurface media and structures would generate variations in wave velocity.

“Hackers can deduce the underground structure and lithology of a certain area by obtaining relevant data from seismic monitoring centers,” the expert added. “This information can be obtained by hackers.” “For instance, it is possible to deduce whether or not there is a large cavity located underground, and consequently, whether or not it could be a military base or command post.”

As a result of the stylistic disparities between Chinese and Western attributions, Western cybersecurity professionals have often expressed surprise in response to remarks made by China about occurrences of this kind.

When the United States and a coalition of allies formally accused hackers affiliated with China’s Ministry of State Security of breaching Microsoft Exchange email servers, leaving exposed web shells on these servers that could potentially be exploited by criminals, they criticized the “reckless” breach of U.N. cyber norms.