Computer user
Hackers from one country have systematically targeted 72 global companies and organisations over the past five years, McAfee have found. Photograph: AP
Dozens of countries, companies and organisations, ranging from the US government to the UN and the Olympic movement, have had their computers systematically hacked over the past five years by one country, according to a report by a leading US internet security company.
The report, by McAfee, did not openly blame any country but hinted strongly that China was the most likely culprit, a view endorsed by analysts.
China has previouslybeen implicated in a range of alleged incidents of cyberspying – a practice Beijing vehemently denies – including a concerted attack on Google and several attempts to prise secrets from computers at the Foreign Office. But the McAfee report is among the most thorough attempts yet to map the scale and range of such data-theft efforts.
The study traced the spread of one particular spying malware, usually spread by a "phishing" email which, if opened, downloaded a hidden programme on to the computer network. Through tracing this malware and also gaining access to a "command and control" computer server used by the intruders, McAfee identified 72 compromised companies and organisations. Many more had been hacked but could not be identified from the logs.
"After painstaking analysis of the logs, even we were surprised by the enormous diversity of the victim organisations and were taken aback by the audacity of the perpetrators," said Dmitri Alperovitch, the company's head of threat research and the author of the report.
Of the hacking victims 49 were US-based, among them various arms of federal, state and local government, as well as defence contractors and other industries. There were two targets in the UK, a defence company and a computer security firm, while other governments included those of Taiwan, South Korea, and India.
Also found on the logs were records from the United Nations, the International Olympic Committee and two national Olympic committees – one of which was accessed by the hackers for more than two years continuously.
McAfee was at pains not to identify the suspected culprit. However, it did little to disguise its suspicions, noting that the targeting of the Olympic groups, and the sport's anti-doping agency, immediately before and after the 2008 Beijing Games was "particularly intriguing" and pointed to a country being to blame.
China has been accused in the past. After Google came under a so-called "advanced persistent attack" in 2009 which it said originated in China, the US secretary of state, Hillary Clinton, asked Beijing for an explanation. This year William Hague said a "hostile state intelligence agency" – identified by UK sources as China – had penetrated the Foreign Office's internal communications system.
While a high proportion of media attention on cybersecurity focuses on the loss of personal data, such as the recent security breaches at Sony, and the activities of hacking collectives such as LulzSec, analysts say this is often minor when compared with the methodical, industrial-scale attempts to seize commercial and state secrets, presumed to be carried out by many countries, chief among them China. Alperovitch said state-orchestrated hacking was so endemic and ambitious it could reshape the workings of the global economy.
"What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth," he said. If only a fraction of the stolen data was used to gain commercial or technological advantage "the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth in a suddenly more competitive landscape and the loss of jobs in industries that lose out to unscrupulous competitors in another part of the world".
Beyond even this, he added, were the national security implications of stolen intelligence or defence files. Such was the endemic scale of this problem, Alperovitch said, that he divided large corporations into two camps: "Those that know they've been compromised and those that don't yet know."
He said: "This is a problem of massive scale that affects nearly every industry and sector of the economies of numerous countries, and the only organisations that are exempt from this threat are those that don't have anything valuable or interesting worth stealing."
When Google accused China last year the ministry of industry and information technology told the state news agency Xinhua: "Any accusation that the Chinese government participated in cyber-attacks, either in an explicit or indirect way, is groundless and aims to denigrate China. We are firmly opposed to that."
No one was available for comment at the foreign ministry in Beijing. Chinese officials have previously said that China has strict laws against hacking and is itself one of the biggest victims.
Dave Clemente, a cybersecurity analyst from the Chatham House thinktank, said it was likely China was also targeted by hackers acting on behalf of other countries.
"It's going in both directions, but probably not to the same extent," he said. "China has a real motivation to gain these types of industrial secrets, to make that leapfrog. There's probably less motivation for the US to look to China for industrial secrets or high technology. But certainly there's things China has which they're interested in, maybe not for commercial advantage but in a geopolitical sense."
Clemente said McAfee's characterisation of such hacking efforts as a wholesale theft of intellectual property and secrets was "fairly reasonable": "It's confirmed not just by this report but by so many dozens of other incidents which build up to an overall picture."
The effects, however, were harder to quantify: "The blueprints are only part of the picture. The technology for, say, how to build a sophisticated jet engine is one thing, but there's a whole set of other processes – the logistics, how to manage the supply chain to build more than one, the long-term management of a really advanced manufacturing process."
While basic security or human errors often made hacking easier than it should be, Clemente said, even the biggest organisations struggle to stop sophisticated attacks: "There's not much even Google can do if China's really determined to get inside its networks. It's not a fair fight in that sense."
Hackers
Showing posts with label cyber hackers. Show all posts
Showing posts with label cyber hackers. Show all posts
Saturday, August 6, 2011
Friday, January 7, 2011
Operation Titstorm
Operation Titstorm was a series of cyber attacks by the Anonymous online community against the Australian government in response to proposed internet censorship regulations. Australian Telecommunications Minister Stephen Conroy was the architect of the plan that would mainly filter sites with pornographic content. Various groups advocating an uncensored internet, along with web based companies such as Google and Yahoo!, object to the proposed filter.
The denial-of-service attack resulted in lapses of access to government websites on the 10th and 11th of February 2010. This was accompanied by emails, faxes, and phone calls harassing government offices. The actual size of the attack and number of perpetrators involved is unknown. It drew criticism from other filter protest groups. A spokesperson for Conroy said that the actions were not a legitimate form of protest and called it irresponsible. The initial stage was followed by small in-person protests on 20 February.Contents [hide]
1 Background
2 Attacks
3 Response
4 See also
5 References
6 External links
Background
The operation began as a protest responding to a plan by Australian Telecommunications Minister Stephen Conroy that would require internet service providers to block illegal and what the government deemed as "unwanted" content.[1] Websites to be blocked feature pornography showing rape, bestiality, child sex abuse, small-breasted women (who may appear under the legal age), and female ejaculation. Drawn depictions of such acts are included in the proposal.[2] The filter also includes gambling sites along with others showing drug use.[3] A leaked version of the proposed blacklist also showed sites that did not include adult content. The name "Operation Titstorm" was in reference to the material that would be censored.[4]
Google has questioned the proposal, saying the prohibitions would be too broad.[1][4] It is strongly opposed by free speech groups. A poll conducted by McNair Ingenuity Research for the Hungry Beast television program found that 80% of their 1000 respondents were in favor of the concept of the plan.[5] The survey also found that 91% were concerned about the government's intent to keep the list of filtered websites a secret.[6]
The Department of Defence's Cyber Security Operations Centre discovered the attack was coming on 5 February.[7] A statement released by Anonymous to the press two days before the attack said, "No government should have the right to refuse its citizens access to information solely because they perceive it to be 'unwanted'." It went on to read, "The Australian Government will learn that one does not mess with our porn. No one messes with our access to perfectly legal (or illegal) content for any reason."[8][9] Anonymous had previously garnered media attention with protests against Church of Scientology (Project Chanology) and the Iranian government.[10] In September 2009, Prime Minister Kevin Rudd's website was hacked in a similar protest to proposed internet censorship reforms.[5]
Attacks
On 10 February 2010, government websites were targeted by denial-of-service attacks. The Communications Department said the hackers had not infiltrated government security, but had instead swamped government computer servers.[5] Sites were left unavailable for sporadic periods throughout the attack. At one point, the Australian Parliament's website was offline for about 2 days due to the high-volume of requests.[11] As a primary target, the Communications Department also received a large amount of traffic. Government offices were also flooded with e-mail spam, junk faxes, and prank phone calls.[2] The Prime Minister's homepage was vandalized with pornographic images.[8]
One cyber security expert described the attacks as “the equivalent of parking a truck across the driveway of a shopping centre”.[12] Reports of the actual size of the attack have varied. A firm marketing security technology said that the peak of the attack was a relatively low 16.84 megabits per second.[2] One writer described the 7.5 million requests per second that initially brought down the Parliament website as "massive".[1] The site usually only receives a few hundred per second.[9] It appears that botnets made up of compromised computers were not used.[2] Estimates of perpetrators involved have ranged from hundreds to thousands.[3][10]
Response
A spokeswoman for Conroy said such attacks were not a legitimate political protest. They were "totally irresponsible and potentially deny services to the Australian public".[13] The Systems Administrators Guild of Australia said that it "condemned DoS attacks as the wrong way to express disagreement with the proposed law."[14] Anti-censorship groups criticised the attacks, saying they hurt their cause.[10][13] A purported spokesperson for the attackers recommended that the wider Australian public protest the filter by signing the petition of Electronic Frontiers Australia.[15]
Anonymous coordinated a second phase with small protests outside the Parliament House in Canberra and in major cities throughout Australia on 20 February. Additional demonstrations were held at some of the country's embassies overseas.[14] This was dubbed "Project Freeweb" to differentiate it from the cyber attacks that were criticised by other protest groups.[16]
Several supporters of the attack later said on a messageboard that taking down websites was not enough to convince the government to back down on the internet filtering policy and called for violence. Others disagreed with such actions and proposed launching an additional attack on a popular government site. A spokesman for Electronic Frontiers Australia said he believed there was no real intention or capacity to follow through with any of the violent threats
The denial-of-service attack resulted in lapses of access to government websites on the 10th and 11th of February 2010. This was accompanied by emails, faxes, and phone calls harassing government offices. The actual size of the attack and number of perpetrators involved is unknown. It drew criticism from other filter protest groups. A spokesperson for Conroy said that the actions were not a legitimate form of protest and called it irresponsible. The initial stage was followed by small in-person protests on 20 February.Contents [hide]
1 Background
2 Attacks
3 Response
4 See also
5 References
6 External links
Background
The operation began as a protest responding to a plan by Australian Telecommunications Minister Stephen Conroy that would require internet service providers to block illegal and what the government deemed as "unwanted" content.[1] Websites to be blocked feature pornography showing rape, bestiality, child sex abuse, small-breasted women (who may appear under the legal age), and female ejaculation. Drawn depictions of such acts are included in the proposal.[2] The filter also includes gambling sites along with others showing drug use.[3] A leaked version of the proposed blacklist also showed sites that did not include adult content. The name "Operation Titstorm" was in reference to the material that would be censored.[4]
Google has questioned the proposal, saying the prohibitions would be too broad.[1][4] It is strongly opposed by free speech groups. A poll conducted by McNair Ingenuity Research for the Hungry Beast television program found that 80% of their 1000 respondents were in favor of the concept of the plan.[5] The survey also found that 91% were concerned about the government's intent to keep the list of filtered websites a secret.[6]
The Department of Defence's Cyber Security Operations Centre discovered the attack was coming on 5 February.[7] A statement released by Anonymous to the press two days before the attack said, "No government should have the right to refuse its citizens access to information solely because they perceive it to be 'unwanted'." It went on to read, "The Australian Government will learn that one does not mess with our porn. No one messes with our access to perfectly legal (or illegal) content for any reason."[8][9] Anonymous had previously garnered media attention with protests against Church of Scientology (Project Chanology) and the Iranian government.[10] In September 2009, Prime Minister Kevin Rudd's website was hacked in a similar protest to proposed internet censorship reforms.[5]
Attacks
On 10 February 2010, government websites were targeted by denial-of-service attacks. The Communications Department said the hackers had not infiltrated government security, but had instead swamped government computer servers.[5] Sites were left unavailable for sporadic periods throughout the attack. At one point, the Australian Parliament's website was offline for about 2 days due to the high-volume of requests.[11] As a primary target, the Communications Department also received a large amount of traffic. Government offices were also flooded with e-mail spam, junk faxes, and prank phone calls.[2] The Prime Minister's homepage was vandalized with pornographic images.[8]
One cyber security expert described the attacks as “the equivalent of parking a truck across the driveway of a shopping centre”.[12] Reports of the actual size of the attack have varied. A firm marketing security technology said that the peak of the attack was a relatively low 16.84 megabits per second.[2] One writer described the 7.5 million requests per second that initially brought down the Parliament website as "massive".[1] The site usually only receives a few hundred per second.[9] It appears that botnets made up of compromised computers were not used.[2] Estimates of perpetrators involved have ranged from hundreds to thousands.[3][10]
Response
A spokeswoman for Conroy said such attacks were not a legitimate political protest. They were "totally irresponsible and potentially deny services to the Australian public".[13] The Systems Administrators Guild of Australia said that it "condemned DoS attacks as the wrong way to express disagreement with the proposed law."[14] Anti-censorship groups criticised the attacks, saying they hurt their cause.[10][13] A purported spokesperson for the attackers recommended that the wider Australian public protest the filter by signing the petition of Electronic Frontiers Australia.[15]
Anonymous coordinated a second phase with small protests outside the Parliament House in Canberra and in major cities throughout Australia on 20 February. Additional demonstrations were held at some of the country's embassies overseas.[14] This was dubbed "Project Freeweb" to differentiate it from the cyber attacks that were criticised by other protest groups.[16]
Several supporters of the attack later said on a messageboard that taking down websites was not enough to convince the government to back down on the internet filtering policy and called for violence. Others disagreed with such actions and proposed launching an additional attack on a popular government site. A spokesman for Electronic Frontiers Australia said he believed there was no real intention or capacity to follow through with any of the violent threats
Subscribe to:
Posts (Atom)