Wednesday

After USA & Germany, is the UK the next victim of Chinese Hackers?


First article:

Chinese hackers have been attacking key British government computer networks, a media report said today, amid allegations the Pentagon and German ministries have also been hit.

Chinese attackers have launched online assaults against the network at Britain's Parliament and the Foreign Office, The Guardian newspaper reported today, citing unnamed government officials.

It said some of the hackers were believed to be from the Chinese military, without citing sources.

The report marks the third time in two weeks that China's military has been accused of hacking into foreign governments' computers. (Source: smh.com.au)

Second article:

Economic espionage connected to China has increased dramatically in the last decade. A German official estimated that two-thirds of the economic espionage cases currently being investigated by the country's law enforcement are linked to China, according to Der Spiegel. In the U.S., the FBI has estimated that a third of all economic espionage cases are linked to the Chinese and have boosted the number of agents assigned to combat Chinese espionage to 350, from 150 in 2001, according to USA Today.

Yet, tracking the attacks back to China is not a simple matter.

Attackers regularly use multiple servers and botnets to hide the true origins of their activities. For example, current data shows that nearly half of all spam comes from servers based in the North America, but that does not mean that the U.S. is spamming other countries, said Matt Sergeant, senior antispam technologist for e-mail security firm MessageLabs.

"Certainly, there is a lot of what we call -- in the spam world -- bulletproof hosting in China," Sergeant said. "But saying that the source of the attacks coming from those servers is in China is not straightforward. Using that naive viewpoint, most of spam is coming from the U.S. (Source: Securityfocus

It's like the cyberattack on Estonia (allegedly) by Russia. The internet gives plausibly deniability (for now). But with botnets and open proxies, who knows for sure? I admit, there are strong indications to point that way. It's not like the US Army isn't probing China. To be continued.

UPDATE (05/09/2007): I guess great minds think alike. Taosecurity has also an blog entry on it: United Kingdom v China but he mentions an attack on European Parliament’s computer network about three years ago.

What worries Mr Preatoni are the attacks that go undetected. “We think that governments have the most sophisticated cyber defences on the planet,” he said. “This is the wrong assumption. In my work with governments, I see they face the same problems as the business world in securing their networks. There’s a lack of expertise. The machines aren’t properly administered. There are budget cuts. They face the same problems as the corporate world. They are hit by the same vulnerabilities.”

So how do you stop a targeted attack. Comments are welcome.

Posted by Security4all at 5.9.07

Labels:

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)