Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

China ready for cyberwar, espionage, report says

It's probably already spying on U.S. firms and gov't agencies

October 23, 2009 05:27 AM ET

Active Comments
Anonymous says: Of course China is ready. Do you have a computer that was NOT made in China? Do you know that...
Steve Parsons says: The problem is, it keeps getting reported but no one does anything about it. Ask any information security guru and...


IDG News Service - Looking to gain the upper hand in any future cyber conflicts, China is probably spying on U.S. companies and government, according to a report commissioned by a Congressional advisory panel monitoring the security implications of trade with China.

The report outlines the state of China's hacking and cyber warfare capabilities, concluding that "China is likely using its maturing computer network exploitation capability to support intelligence collection against the U.S. government and industry by conducting a long term, sophisticated computer network exploitation campaign."

Published Thursday, the report was written by Northrop Grumman analysts commissioned by the U.S.-China Economic and Security Review Commission.

Government agencies and military contractors have been hit with targeted, well-crafted attacks for years now, many of which appear to have originated in China. But this report describes in detail how many of these attacks play out, including an attack that exploited an unpatched flaw in Adobe Acrobat that was patched earlier this year.

Citing U.S. Air Force data from 2007, the report says at least 10TB to 20TB of sensitive data has been siphoned from U.S. government networks as part of a "long term, persistent campaign to collect sensitive but unclassified information." Some of this information is used to create very targeted and credible phishing messages that then lead to the compromise of even more computers.

Northrop Grumman based its assessment largely on publicly available documents, but also on information collected by the company's information security consulting business.

The report describes sophisticated, methodical techniques and speculates on possible connections between Chinese government agencies and the country's hacker community, increasingly a source of previously unknown "zero-day" computer attacks.

"Little evidence exists in open sources to establish firm ties between the [People's Liberation Army] and China's hacker community, however, research did uncover limited cases of apparent collaboration between more elite individual hackers and the [People's Republic of China's] civilian security services," the report says.

If true, that wouldn't be much of a surprise. The U.S. government has had a presence at the Defcon hacker convention for years now, and the U.S. Department of Defense has even started using it as a recruitment vehicle in recent years.

The Adobe Acrobat attack was supplied by black hat programmers to attackers who targeted an unnamed U.S. firm in early 2009. Working nonstop in shifts, the attackers snooped around the network until an operator error caused their rootkit software to crash, locking them out of the system.

In a typical targeted attack, the victim receives an e-mail message containing a maliciously crafted office document as an attachment. It might be disguised to look like the schedule or registration form for an upcoming conference, for example. When the e-mail is opened, the zero-day attack executes and cyberthieves start collecting information that might be used in future campaigns.


Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Jump to comments

cyberwar

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

What People Are Saying

White Papers & Webcasts

Share our Strength
Download Now  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...