December 03, 2007 (Computerworld Australia) -- The U.K. government has accused the Chinese of hacking into the computer systems of some of its leading companies, according reports published by the English press over the weekend.
According to The Times, the Director-General of intelligence agency MI5, Jonathan Evans, sent a confidential letter to 300 chief executives and security chiefs at financial institutions and legal firms last week warning them that they were under attack from Chinese state organizations.
The summary of the letter, which was posted (securely) on the Web site of the Centre for the Protection of the National Infrastructure, warned its recipients of the "electronic espionage attack."
"The contents of the letter highlight the following: the Director-General's concerns about the possible damage to U.K. business resulting from electronic attack sponsored by Chinese state organizations, and the fact that the attacks are designed to defeat best-practice IT security systems.
Obviously this is very troubling to the British, but what is even more troubling and downright frightening is what happened recently at one of our most top secret nuclear laboratories. This from Network World:
The U.S. science and technology lab Oak Ridge National Laboratory yesterday disclosed it has been compromised by what it described as a “sophisticated cyber attack that appears to be part of a coordinated attempt to gain access to computer networks at numerous laboratories and other institutions across the country.
When the employee opened the attachment or accessed an embedded link, the hacker planted a program on the employees’ computers that enabled the hacker to copy and retrieve information,” ORNL said.
ORNL said the compromise has been traced back to Oct. 29, 2007, and that the lab has “reason to believe that data was stolen from a database used for visitors to the Laboratory.”
ORNL, which conducts highly sensitive energy research in the neutron science and high-energy physics as well as biology research, does not believe that classified information was lost. However, ORNL said anyone who visited the lab, which is based in Oak Ridge, Tenn., between the years 1990 and 2004 may have had their name and other personal information, such as Social Security numbers and birth date, stolen by the attackers.
Thom Mason, director of ORNL, on Monday sent an e-mail to staff employees that said, “Our cyber security staff has been working nights and weekends to understand the nature of this attack.”
This from the highly respected Economist magazine:
General James Cartwright, recently promoted from head of Strategic Command to vice-chairman of the joint chiefs of staff, said in June that China was carrying out widespread “reconnaissance” of America's networks. This allowed China to steal advanced know-how, so as to skip generations in military and civil technology. A cyberspy can potentially steal much more information than a human one. Others argue that China wants to send a signal to America that a future war would be costly, and would not be limited to the Straits of Taiwan.
The Pentagon is probably better able to protect itself against cyberattacks than most. But in an increasingly internet-connected world, civilian life has become more vulnerable. Earlier this year suspected Russian hackers attacked the websites of ministries, banks and other bodies in Estonia, the tiny but highly-wired Baltic state that had offended the Kremlin by removing a Soviet war monument from the centre of the capital, Tallinn, to a military cemetery. The “denial of service” attack was crude, but disruptive.
Past American exercises to test the computer defences of critical services (such as electricity grids) have found that, without detailed inside information, an external cyberattack would be more disruptive than catastrophic. That assessment may be changing. The psychological effect of a cyberattack on America, in General Cartwright's view, could be as severe as the use of weapons of mass destruction
Are the incidents in Great Britain and Oak Ridge Tennesee related? Why would anyone want personal data about anyone who VISITS the nuclear laboratory. If I were those people I would be highly nervous. What is our government and particularly Homeland Security doing about it?
No comments:
Post a Comment