funsec mailing list archives
The Subtleties of '...Attacks Appeared to Originate in China'
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Thu, 6 Mar 2008 06:56:21 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via UPI. [snip] Defense-related think tanks and contractors, as well as the Pentagon and other U.S. agencies, were the target of repeated computer network intrusions last year apparently originating in China, the Department of Defense said this week. In its annual report to lawmakers on China's military power, the department said the intrusions "appeared to originate in" China but added, "It is unclear if these intrusions were conducted by, or with the endorsement of" the Chinese government or military. The report gave few details, but one China expert who works in the private sector told United Press International that in the last 18 months, China scholars who have close links to the U.S. government have been the repeated targets of sophisticated hacking attempts, using malicious software packages called Trojan horses hidden in e-mail attachments. "Almost every think tank in Washington has dealt with this," said the expert, who did not want to be named because of the ongoing investigations into the intrusions. "I personally have received more than two dozen" such e-mails, which arrive purportedly sent by other China-watchers. [snip] More: http://www.upi.com/International_Security/Emerging_Threats/Analysis/2008/03 /06/analysis_chinese_cyberattacks_on_experts/3601/ Note: Anyone who has dealt with technical cyber crime issues knows that it is trivial to commandeer a host and launch an attack, masquerading the origination of the true attacker. Not for nothing, but I'm glad to start seeing people start to acknowledge that China may not actually be behind these attacks. This is not to say that China is not behind some of these shenanigans, but all things given, it is is almost impossible to be sure, even for the hawks in Washington or elsewhere. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHz5WPq1pz9mNUZTMRAoqYAJ47f4bNRySYMKZ1Rl/8K6WCWynIMACdFZv1 WdK3W3A9Mj0aEuyYuER0Xs4= =2+Nj -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- The Subtleties of '...Attacks Appeared to Originate in China' Paul Ferguson (Mar 05)