Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Evidence Uncovered of Chinese Cyber-Attacks

SecurEnvoy : 25 August, 2011  (Technical Article)
SecurEnvoy shows no surprise that China has been identified as an originator of cyber attacks on western computer systems
Evidence Uncovered of Chinese Cyber-Attacks
As reports are coming in that China has been positively identified as the source of automated IP hacking, SecurEnvoy says that - while this is no real surprise - the Chinese TV slip-up is the first real evidence that the Beijing regime is a primary source of Western cyber-attacks.

According to Steve Watts, co-founder of the tokenless two-factor authentication specialist, whilst Western governments have engaged in finger pointing at China over government and allied agency server attacks for several years, the Chinese government has always vehemently denied the claims.

“The topic resurfaced again earlier this month over the so-called Shady RAT – Remote Access Trojan – attacks of the last several years on Western computer systems, and the Chinese government used the People's Daily, its official media voice, to refute the allegations,” he said.

“It's therefore kind of ironic that the evidence for Chinese government-driven cyber-attacks – and automated attacks at that – should come from a Chinese military TV programme, detailed on the Epoch Times newswire, which shows a hacker utility application with legends such as `select attack target,' highlighting a list of Falun Gong web sites as starting point for an automated attack,” he added.

Watts went on to say that the TV programme event shows shots of a computer screen showing a Chinese military university engaged in cyberwarfare against US servers.

“Talk about being caught red-handed and with your electronic pants down,” he quipped.

More seriously, the SecurEnvoy co-founder explained, now that the Chinese government has been formally identified as the source of at least some of the cyber-attacks on Western government and allied agency computer systems, the IT security managers within these agencies - as well other organisations on both sides of the public/private sector divide – need to plan ahead and counter these advanced attack vectors.

The solution, says Watts, is to use a multi-layered IT security strategy that uses a variety of encryption and other authentication systems to protect the data that the Chinese government - as well as myriad other hackers – are trying to get their grubby paws on.

Some of this information can be useful for military intelligence, but the majority, he adds, is almost invariably useful in other areas, especially where intellectual property (IP) is involved. And since IP is becoming the de-facto currency of choice amongst hackers of all types, it stands to reason that defending IP should become a high priority for all IT security professionals.

“Our observations suggest that it is no longer possible to develop an IT resource that is completely resilient against an external cyber-attack, but the use of authentication as a means of enhancing other credential-enabled data security is a useful additional weapon in the ongoing battle against hackers,” he said.

"Developing a solid layer of authentication also has the additional advantage that - as well as securing data from external prying eyes - it also defends against the insider attacker problem, which can range from the actions of a rogue employee all the way to a careless action by a new member of staff. Whatever the cause, however, authentication is clearly the way forward when it comes to developing a better security mousetrap,” he added.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo