武汉地震设备遭攻击！黑手疑来自美国

26日，武汉市应急管理局发布声明称：

近期，国家计算机病毒应急处理中心和360公司向武汉市应急管理局通报，经上述机构监测发现，武汉市应急管理局所属武汉市地震监测中心部分地震速报数据前端台站采集点网络设备遭受境外组织的网络攻击。

The Wuhan Earthquake Monitoring Center in Hubei province has suffered from a cyberattack conducted by foreign organizations, the Wuhan Municipal Emergency Management Bureau said on Wednesday.

The National Computer Virus Emergency Response Center and the 360 Security Technology recently announced that the network at the front-end station of the Wuhan Earthquake Monitoring Center, which is affiliated to the bureau, was attacked by foreign organizations, the bureau said in a statement. 

为进一步查明事实，依法处理相关幕后黑客组织和不法分子的网络攻击行为，武汉市地震监测中心第一时间封存相关网络设备，并将遭受网络攻击的情况向辖区公安机关报案，将保留进一步追诉的权利。

The bureau and the center are firmly against any form of cyberattack, whether conducted by an organization or an individual, and any behavior that harms earthquake monitoring infrastructure will be investigated and held accountable under the law. 

The center closed off the network equipment in time, and reported the situation to police, the statement said, adding that the bureau reserves the right to pursue the case.

随后，武汉市公安局江汉分局发布警情通报，证实武汉市地震监测中心设备被植入后门程序，该后门程序能非法控制并窃取地震速报前端台站采集的地震烈度数据。该行为对国家安全构成严重威胁。

A post on the official account of the Wuhan Municipal Public Security Bureau stated that such attacks pose a serious threat to national security, and the Jianghan branch of the Wuhan Municipal Public Security Bureau has filed an investigation.

目前，江汉分局已对此案立案侦查，并对提取到的后门样本进一步开展技术分析。“初步判定，此事件为境外具有政府背景的黑客组织和不法分子发起的网络攻击行为。”

Technical analysis shows that a backdoor program was inserted in some of the station's network equipment, which was capable of controlling and stealing seismic activity data. According to the preliminary investigation, this attack was launched by overseas hacker organizations with governmental backgrounds, according to Wuhan police.

有专业人士对《环球时报》记者表示，地震烈度数据指地震的烈度和震级，这是衡量地震破坏力的两个重要指标，尤其是地震烈度代表对地质的破坏程度，烈度越大、破坏性越大，“地震烈度数据与国家安全息息相关，比如一些军事防御设施就需要考虑到烈度等因素。”

武汉市地震监测中心是继去年6月份西北工业大学遭受境外黑客组织网络攻击之后的又一国家单位。西北工业大学受到攻击后，中国国家计算机病毒应急处理中心和360公司联合组成技术团队对此案进行全面技术分析工作，最终确定了此次案件的“真凶”是美国国家安全局（NSA）特定入侵行动办公室（TAO）。

《环球时报》记者获悉，当前中国国家计算机病毒应急处理中心和360公司组成的专家已赴武汉开展取证工作，初步证据显示对武汉市地震监测中心实施的网络攻击来自美国。

记者：杨泽坤

来源：中国日报 央视新闻 平安江汉 环球时报