Police are investigating a cyberattack launched from overseas on the email system of Northwestern Polytechnical University in Xi'an, Shaanxi province. Key evidence of the attack has been secured, local police said on Thursday.
At around 3 pm on April 12, a police station in Xi'an's Beilin district received a report from the university's information administration department saying it had found phishing emails with Trojan horse programs pretending to be research reviews, invitations to academic events and opportunities to study abroad, Beilin police said in a statement.
The emails attempted to trick students and teachers at the university－known for its education and research programs in the fields of aeronautics, astronautics and marine technology engineering－into clicking on links and giving away their sign-in information, which would result in potential data leaks, it added.
An initial investigation found that the cyberattack was carried out by overseas hackers and posed a grave threat to the university's information system, putting the personal data of students and teachers at risk. Phishing emails and Trojan horse programs used in the attack have been obtained as key evidence, local police said.
The university said in a statement on Wednesday that the attack has not led to any key data leaks so far, but it still represents a huge risk.
It noted that the university has been paying a great deal of attention to cyberattacks, with the application of regular cybersecurity inspections and technical monitoring as well as heightened awareness among teachers and students.
The university reserves the right to take further legal action and will take measures to build a strong network security barrier and better protect the legitimate rights and interests of teachers and students, it added.
China has stepped up its efforts in combating rising cyberattack risks from home and abroad, including implementing the Cybersecurity Law in June 2017.
Beilin police informed the public in the statement that they should report any cyberattack to the police and all cases will be dealt with in accordance with the Cybersecurity Law.
According to the most recent report from the country's cybersecurity watchdog on China's cybersecurity situation, during the first six months of 2021, more than 23 million uses of malware had been detected. Of those from overseas, about 49 percent were from the United States.
About 4.46 million computers in China had been infected by malware during the same period, an increase of more than 46.8 percent from the same period in the previous year, according to the National Computer Network Emergency Response Technical Team.
Besides hacking data and information, overseas organizations have also attempted to gain control of computers in China to launch cyberattacks against Russia, Ukraine and Belarus since late February, the watchdog said in March.
Analysis has revealed that most of the internet addresses launching such attacks were based in the US, and that a small number of addresses were found to be based in countries such as Germany and the Netherlands.