Cyber spies try probing U.S. drone plans

[InfoSec News <alerts () infosecnews org>]

http://www.nextgov.com/nextgov/ng_20120103_5731.php

By Aliya Sternstein
NextGov
01/03/2012

China-based hackers for months have been targeting federal agencies and 
contractors through infected emails apparently to spy on the Pentagon's 
drone strategy and other intelligence matters, according to Internet 
security researchers.

The reported espionage employed a tactic known as spear-phishing where 
infiltrators, operating under the guise of a legitimate sender, email 
specific victims a virus-laden file or link. In this case, the hackers 
used email addresses from military and other government organizations, 
Jaime Blasco, manager of AlienVault Labs, said Tuesday.

Some emails went to employees at U.S. military contractors, he said, but 
declined to discuss any information related to specific victims.

The lab traced samples of the malicious software to network addresses in 
China, AlienVault disclosed last month.

Blasco has since discovered from the same spies separate malware that is 
capable of overriding Pentagon smart card credentials, known as the 
Common Access Card, to get into protected resources, he said Tuesday. In 
addition, the intruders have been pursuing other government 
organizations with information of interest to Chinese intelligence 
operations -- including the General Services Administration, the U.S. 
government's buying arm, and the Central Tibetan Administration.

[...]


_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn