When Chinese RATs Attack

Oh, hey, look what China did, again. Isn’t this supposed to be an act of war now?

Massive Global Cyberattack Targeting U.S., U.N. Discovered; Experts Blame China

The world’s most extensive case of cyber-espionage, including attacks on U.S. government and U.N. computers, was revealed Wednesday by online security firm McAfee, and analysts are speculating that China is behind the attacks.

The spying was dubbed “Operation Shady RAT,” or “remote access tool” by McAfee — and it led to a massive loss of information that poses a huge economic threat, wrote vice president of threat research Dmitri Alperovitch.

. . .

Analysts told The Washington Post that the finger of blame for the infiltration of the 72 networks — 49 of them in the U.S. — points firmly in the direction of China.

See also:
Revealed: Operation Shady RAT
McAfee’s Operation Shady RAT exposes national cybersecurity lapses
McAfee discovers massive series of cyber attacks
Hacking Campaign Targets U.S. Government, Signs Point to China
Operation Shady RAT: five-year hack attack hit 14 countries
China Suspected Of Shady RAT Attacks
Q+A: Massive cyber attack dubbed “Operation Shady RAT”
Operation Shady RAT: A frightening web of global cyber-espionage
Operation Shady RAT smells like Chinese hacking
All cursors point to China in global hack attack that threatens nations
China accused of biggest ever global cyber spying attacks
Hackers Based in China Attack UN, Olympic Networks, Security Firms Report
Operation Shady RAT and the cyberhacking
APT Attackers Used Chinese-Authored Hacker Tool To Hide Their Tracks

Why did it take a private security company to uncover the largest case of cyberspying in world history and why aren’t we doing something about it?

/does China have to steal every last piece of sensitive and secret computer data we possess before we start taking this threat seriously?

Night Dragon Strikes

How many intrusions by Chinese hackers does it take and how much technology data has to be stolen before U.S. companies start seriously defending themselves?

‘Sloppy’ Chinese hackers scored data-theft coup with ‘Night Dragon’

Chinese hackers who were “incredibly sloppy” still managed to steal gigabytes of data from Western energy companies, a McAfee executive said today.

“They were very unsophisticated,” said Dmitri Alperovitch, vice president of threat research at McAfee, speaking of the attackers. “They were incredibly sloppy, made mistakes and left lots of evidence.”

The attacks, which McAfee has dubbed “Night Dragon” and had tracked since November 2009, may have started two years earlier. They are still occurring.

Night Dragon targeted at least five Western oil, gas and petrochemical companies, all multinational corporations, said Alperovitch, who declined to identify the firms. Some are clients of McAfee, which was called in to investigate.

According to McAfee, the attacks infiltrated energy companies’ networks, and made off with gigabytes of proprietary information about contracts, oil- and gas-field operations, and the details on the SCADA (supervisory control and data acquisition) systems used to manage and monitor the firms’ facilities.

See also:
McAfee: Night Dragon Cyber-Attack Unsophisticated but Effective
‘Night Dragon’ Attacks From China Strike Energy Companies
Oil Firms Hit by Hackers From China, Report Says
Chinese hackers targeted energy multinationals, claims McAfee
Night dragon attacks petrol companies
China-based hackers targeted oil, energy companies in ‘Night Dragon’ cyber attacks, McAfee says
Hackers in China have hit oil and gas companies: McAfee report
Chinese hackers steal “confidential information” of five global oil companies: McAfee
Chinese Technician Denies Knowledge of Hacking
China Hacks Big Oil
Chinese hackers break into five oil multinationals
Chinese hackers ‘hit Western oil firms’

Repeat after me, China is not our friend. They don’t create innovative technology, they steal it. Hacking in China is a state-sponsored industry. Furthermore, the oil and gas industry is critical infrastructure, vital to our national security.

/these were unsophisticated attacks, meant only to steal data, and these energy companies couldn’t defend against them. What will happen when Chinese hackers unleash much more sophisticated attacks against our energy infrastructure, with the intent to inflict maximum damage and destruction?

All Your Internet Are Belong To China For 18 Minutes

Well, this is certainly disconcerting news.

Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic

For 18 minutes in April, China’s state-controlled telecommunications company hijacked 15 percent of the world’s Internet traffic, including data from U.S. military, civilian organizations and those of other U.S. allies.

This massive redirection of data has received scant attention in the mainstream media because the mechanics of how the hijacking was carried out and the implications of the incident are difficult for those outside the cybersecurity community to grasp, said a top security expert at McAfee, the world’s largest dedicated Internet security company.

In short, the Chinese could have carried out eavesdropping on unprotected communications — including emails and instant messaging — manipulated data passing through their country or decrypted messages, Dmitri Alperovitch, vice president of threat research at McAfee said.

Nobody outside of China can say, at least publicly, what happened to the terabytes of data after the traffic entered China.

The incident may receive more attention when the U.S.-China Economic and Security Review Commission, a congressional committee, releases its annual report on the bilateral relationship Nov. 17. A commission press release said the 2010 report will address “the increasingly sophisticated nature of malicious computer activity associated with China.”

Said Alperovitch: “This is one of the biggest — if not the biggest hijacks — we have ever seen.” And it could happen again, anywhere and anytime. It’s just the way the Internet works, he explained. “What happened to the traffic while it was in China? No one knows.”

See also:
U.S.-China Economic and Security Review Commission
Release of 2010 Annual Report to Congress

Report: China hijacked U.S. Internet data
Internet Traffic from U.S. Government Websites Was Redirected Via Chinese Servers
Internet traffic was routed via Chinese servers
15 percent of the world’s Internet traffic was hijacked to China, in April
Worldwide Internet Security Breach Points to China
15 Percent of Internet Traffic Was Redirected Through Chinese Servers, Report
China Hijacked 15% of US Internet Traffic-and no one noticed
China hijacks 15% of internet, including military data
Internet Traffic from U.S. Government Websites Was Reportedly Routed Via Chinese Servers

It’s just another episode in China’s ongoing undeclared covert war against the United States and other Western countries. Hopefully, we’re fighting back.

/one thing’s for sure, China is not our friend