How many times over the past year have we either had to point the finger at China on charges of cyber-espionage, or been in the position of saying, well, we don't know that China is responsible, but it kind of looks like it?
Robert McGarvey has covered the case for us, reporting on Advanced Persistent Threats which appear to have gained prolonged access to intellectual property and other confidential information. He wrote:
Do all the attacks originate in China? Right now, say the experts, the digital fingerprints appear to be Chinese, but there is recognition that capable cyberspies (perhaps in Russia, South Korea, Israel, or France, to name nations often cited) are well able to generate false trails.
Even so, it looks like the Chinese have been doing more snooping; the target, revealed just yesterday, the US Chamber of Commerce.
According to the WSJ, the breach was discovered and covertly blocked last year. It's clear, however, that what we are seeing once again is evidence of a persistent attack. The exploit against the Chamber did not consist of a quick hit and data theft but seems to have involved continuous access and review of records for more than a year.
The circumstances in which the exploit was uncovered remain murky, as does the evidence against China. Indeed, the embassy was quick to deny involvement:
The allegation that the attack against the Chamber originated in China "lacks proof and evidence and is irresponsible," adding that the hacking issue shouldn't be "politicized."
Not caught red-handed, then, and one begins to wonder whether "politics" constrains law enforcement action in a case like this.
Adding to the list of things we don't know, it's not clear what information was taken and why, although there was reportedly a focus on the emails of officials engaged in Asian policy. As ever, we can lie awake worrying about the possibilities, such as ammunition for phishing (or "whaling") attacks on member companies, which might have been siphoned from the Chamber's records.
Where does this leave US enterprise and institutions, except at the mercy of foreign agents, whether Chinese or not; whether state-sponsored or not? If a threat can lurk on a network for a year or more without being discovered, we should perhaps look again at McAfee's report on Operation Shady Rat released earlier this year, and its conclusion:
This is a problem of massive scale that affects nearly every industry and sector of the economies of numerous countries, and the only organizations that are exempt from this threat are those that don't have anything valuable or interesting worth stealing.
scucci, don't know about China, but in Russia, even if the government knew about these attacks they a) most probably didn't care, b) they most probably somehow would be connected with that, c) the officials would smile and assure that they would do anything to take care about these attacks and they are very sorry but - take a look at a)
Well if you're in the government I would probably want to know who's attacking me. It just really annoys me when these countries just hold their hands up when we bring up evidence.
Once these guys are in your network they're going to take a low-and-slow approach. They're not trying to crash and grab some data here, they're in it for the long term, and most of them last months if not years in systems.
I'm glad someone's finally saying something about the fat elephant in the room. I'm actually very tired of seeing all of these attacks coming from China, I don't care if they're actually from them, it doesn't matter to me who's attacking; the point is someone is attacking.
And, I'm very annoyed at China for just throwing up their hands again, "Oops someone else must have did it again!!". Are you kidding me!! The complete lack of effort that China plays in assisting with these attacks is reason enough for me to believe that they're in on it.
Even so, it looks like the Chinese have been doing more snooping; the target, revealed just yesterday, the US Chamber of Commerce.
@Kim, I think it's obvious that China will resort to such tactics because China is competing hard with USA to become the global super power. US should be very careful while dealing with China especially when outsourcing its IP to China.
It's a shame, but I have to agree with you. As a security professional, I can say from experience that we are seen as doom & gloomers. The common consensus by the front office is that that won't ever happen to us when the reality is you can never know what data will be attractive at any given time. It all depends on what the market wants and when.
I still think many enterprises and institutions - even with a high profile - are thinking, well, thankfully it's not us. Without even checking whether they've already been compromised. It seems it's going to take a lot more bad news before that mindset changes.
It is hard to trace effects back to causes. If you can't say for sure who's doing it, you can't begin to speculate on the reasons. But what can be done is to take a more proactive approach by encrypting data, hardening networks to make intrusions more difficult, requiring removable media and hard drives on laptops and desktops be encrypted... there are steps that could be taken that aren't. Any weakness can be exploited. The goal should be to try and eliminate as many as possible and as solutions are put in place for zero day exploits, they need to be implemented as soon as feasibly possible.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.