backtop


Print 26 comment(s) - last by dsx724.. on Apr 11 at 12:16 PM


Chinese hackers stole information from a variety of parties. While the attacks related to rivals or enemies of the government, the Chinese government claims not to have been involved and says its investigating the incident.  (Source: LIFE)

The attacks originated from the Southern China city of Chengdu.  (Source: CJ Report)
Report authors say Chinese government is cooperating to investigate the situation

Cybersecurity researchers at the University of Toronto's Munk School of Global Affairs claim to have discovered a massive campaign of cyberespionage carried out by members of China's underground hacking rings.  The campaign zeroed in on high profile targets in India, including Tibetan exiles and the Indian Defense Ministry.  

The attackers used attacks on social networking, blogging, and email services, such as Twitter, Google Groups, and Yahoo Mail to gain access to individual computers, forcing them to communicate with attack servers in China.  The authors of the study "Shadows in the Clouds" say that the underworld cybercriminals likely stole information to try to make a profit and may have passed information on to the Chinese government.

The information stolen from the Indian military includes secret assessments of the security situation in northeastern states bordering Tibet, Bangladesh and Myanmar, as well as insurgencies by Maoists.

On the surface, the Chinese government has pledged a thorough investigation in response to the incident.  Describes Nart Villeneuve at the University of Toronto, "We did not find any hard evidence that links these attacks to the Chinese government.  We've actually had very healthy co-operation with the Chinese computer emergency response team, who are actively working to understand what we've uncovered and have indicated they will work to deal with this ... It's been a very encouraging development."

A Chinese foreign ministry spokesperson stated, "[Chinese] policy is very clear. We resolutely oppose all internet crime, including hacking."

It seems more than mere coincidence, though, that the attacks targeted Tibet's government in exile and Dalai Lama, whom China views as enemies.  Last year the Tibetans were hit by a much larger attack, which the University of Toronto researchers dubbed "GhostNet".  Describes Munk School's Ron Diebert, "The social media clouds of cyberspace we rely upon today have a dark, hidden core, There is a vast subterranean ecosystem to cyberspace within which criminal and espionage networks thrive."

University of Toronto researchers say that most antivirus programs are currently ineffective in preventing attacks on social networks or email services, which were a major source of these compromises.  The researchers suggest stripping attachments from all external email and instead transferring files over a secure channel like SFTP.

The recent attacks affect the U.S. too as the attackers stole private data from visa-seekers to the Indian embassy in Afghanistan and the Indian and Pakistani embassies in the United States.

According to researchers, the IP's used in part of the attacks were traced to Chongqing, a large city in southwest China, while addresses in the nearby city of Chengdu were used to control Yahoo Mail accounts used in the attacks.  Graduates of the University of Electronic Science and Technology of China reportedly owned some of the servers used in the attacks and may have masterminded the entire scheme.

China has been rather friendly to India of late, trying to leverage the issue of global warming to align the south Asian nation against the U.S.  India and China are the world's most populous countries, each with over a billion people.  They also are fast becoming world superpowers in research and industry.  With that growth has come clashes, both between each other and between the world's current economic leader, the United States.  

China and India's relationship has been damaged by the Chinese occupation of Tibet, a small province that borders India.  India and the U.S. have also taken issue to China's censorship policies and with the fact that China does little to stop hackers from attacking foreigners, and in some cases its own citizens.  As many of these attacks target political or economic rivals of the government, there seems to be government involvement in some cases, even if there's no evidence to explicitly prove that the government is supporting the cyberintrusions.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: The Picture of the City
By dsx724 on 4/11/2010 12:16:42 PM , Rating: 2
Triad
http://www.atimes.com/atimes/China/KK18Ad01.html

Google pulled out of China not because of external hack. There were internal IP theft issues. Chinese employees of Google were stealing codebase for all of Google products. Google didn't have much market share to lose but it did have a lot to lose in terms of IP and techniques. The only way to remedy this was to shut down all Chinese operations with regards to search. The hacking is just a justification to cover up what we all know about the disregard by Chinese people of IP. Money makes everything possible in China so any competitor can bribe said Google employees for a price to carry out a theft or open a vulnerability. Google deemed this risk or the number of occurrences too high to continue operations in China since government is providing no assistance to prosecute those responsible.

My problem with Shadow is that it is a political piece and not a technical piece. Although clearly there is no link to the government of China, it does a lot in the way of attributing the attacks to the government. I am not a supporter of the government but lay blame where it is due. You can't blame the US government for the actions of the KKK.

Most of these points come from contextual information that are too significant to ignore. Unlike Shadow in the Cloud, I have no political goal in looking at the data and the circumstances surrounding this. Cleverly crafted information lead to the Iraq War on an unfound basis. I would hate our foreign policy to be based on stupid reports like these.


"And boy have we patented it!" -- Steve Jobs, Macworld 2007














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki