September 3rd, 2007
China getting uppity
While I was in Frankfurt last week, the German Chancellor, Angela Merkel, was voicing concern over Chinese attacks against German state owned computers using custom Trojans.
German news magazine Der Spiegel reported recently that computers in the German chancellery and the foreign, economic, and research ministries had been infected with Chinese spyware software, and German officials say they believe the hackers were linked to China’s People’s Liberation Army.
Now we are hearing fresh reports about attacks against the Pentagon of a similar nature that occurred last June and forced the shut down of some military networks for up to a week.
The above linked article reports that the attacks only captured non-classified information. Don’t let your fears be assuaged by “non-classified”. In my experience as an industry analyst I recieved dozens of non-classified documents. Things like diagrams of the entire network connecting the Capital with other federal departments. These included IP addresses, and make and model of firewalls and IDS devices. Information might be non-classified but with proper analysis can still be extremely valuable. Even encrypted data can be subject to “signal analysis” which reveals things based on recipients, senders, timing, and volume.
Things are heating up in the cyberwars between China and the rest of the world. Time for just about every nation to wake up to the threat and start pushing back, preferably diplomatically, not with escalations.
Richard Stiennon is an industry consultant. See his full profile and disclosure of his industry affiliations.
