PI Newswire

Content aggregation for the investigative professional


Search Results: china

On Jan. 19, 2012, Business Week reported that a Chinese citizen in the U.S. since 2000 on a work visa had pilfered software code from our country’s Federal Reserve and now faces legal action in U.S. vs. Zhang.

Bo Zhang, 32, a computer programmer hired to work on the highly confidential source code last year, claimed he took the code in order to hedge his bets if he were fired from the Fed job.

“He asserted that he took it for private use and in order to ensure that it was available to him in the event that he lost his job [with the New York Fed],” according to prosecutors in the case.

Espionage motivates code theft at the Federal Reserve?

In the spy world, infiltrating high levels of other governments and gaining access to key confidential data is job one. In a world in which economic upheavals are an everyday language, knowing your enemies’ financial structures and money movements is just as crucial.

Read more…

Dressed in skimpy bikinis, these Chinese women could be going for a day out at the beach.

But these trainees are in fact being put through a gruelling regime in Sanya, Hainan province, on the road to becoming female bodyguards.

Twenty women, most of them college graduates, were kicked, dunked, near-drowned and forced to carry a heavy log between them during a tough boot camp run by professional bodyguards on Sunday.

The four-week programme is run by trainers from Tianjiao Special Guard Consultant Ltd – the first open group training for female bodyguards in China.

Each trainee goes through 10 months of instruction to develop their skills in reconnaissance, anti-terrorism training, martial arts and business etiquette.

Read more…

Scammers are posing as Facebook security in chat sessions to try to trick people into providing their credit card information, Kaspersky Lab warned today.

“This Facebook phishing attack is pretty interesting because it does not just try to trick the victim into visiting a phishing Web site. It will reuse the stolen information and login to the compromised account and change both profile picture and name,” writes David Jacoby, a Kaspersky Lab Expert, in a blog post.

“The profile picture will be changed to the Facebook logo and the name will be translated to ‘Facebook Security’,” he wrote.

After an account has been compromised, the scammers will use it to send out an instant message to the victim’s contacts pretending to be Facebook Security, according to Jacoby. The message says “Last Warning: Your Facebook account will be turned off Because someone has reported you. Please do re-confirm your account security by:” and it provides a URL ending in “.vu” for the recipient to visit, he said.

The link redirects to a Web site that is made to look like a Facebook page and it prompts the visitor to provide name, e-mail, password, security question, e-mail account password, country and birth date, the blog post says. After that information is provided another page appears with a heading “Payment Verification” that asks for the first six digits of the person’s credit card. A subsequent page then asks the visitor to verify the information by providing the full credit card number, expiration date and security code as well as billing address, Jacoby wrote.

Read more…

Personal banking information and other data from perhaps tens of thousands of students, faculty and administrators at City College of San Francisco have been stolen in what is being called “an infestation” of computer viruses with origins in criminal networks in Russia, China and other countries, The Chronicle has learned.

At work for more than a decade, the viruses were detected a few days after Thanksgiving, when the college’s data security monitoring service detected an unusual pattern of computer traffic, flagging trouble.

It appeared at first that the problem was contained in a single computer lab at Cloud Hall on the Phelan Avenue campus, one of a dozen City College sites around the city. David Hotchkiss, the chief technology officer, immediately shut the lab down and reported the problem to Chancellor Don Griffin, General Counsel Scott Dickey and Board of Trustees President John Rizzo.

But a closer look revealed a far more nefarious situation, which had been lurking within the college’s electronic systems since 1999. For now, it’s still going on. So far, no cases of identity theft have been linked to the breach. That may change as the investigation continues, and college officials said they might need to bring in the FBI.

The college’s payroll, admissions and accounting systems have yet to be analyzed for the viruses.

Read more…

Read more: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2012/01/12/MN4Q1MO9JK.DTL#ixzz1jP3ObQQk

There have been so many examples of cyber espionage that it is now the norm to just accept that it is rampant. MI5 in the UK, the German Chancellery, Titan Rain, GhostNet, the Pentagon email hack, Google Aurora – all are examples of cyber espionage, most on the part of China. But to date no evidence has been put forth other than claims from the injured parties.

Thanks to reporting from Anthony Freed of InfoSecIsland we have learned over the past few days that a group of Indian hackers that align themselves with Anonymous (the catch-all movement for hackers these days) have breached several Indian government servers and uncovered gold. If taken at face value, their hacking has revealed:

1. The Indian government has source code for Symantec’s AV software, albeit of 2006 vintage.

2. The Indian government is strong-arming cell phone manufacturers to provide back doors into their handsets.

3. The Indian government is in possession of confidential internal communications from the US-China Economic and Security Review Commission (USCC).

And now in a new development we learn from Freed:

Read more…

For several years, Japan has been developing a computer virus that can track, identify, and disable cyberthreats, according to a story in the Yomiuri Shimbun newspaper.

Fujitsu reportedly is working on the cyberweapon for Japan’s Defense Ministry under a 178.5 million yen ($2.32 million) project initiated in fiscal 2008 by the ministry’s Technical Research and Development Institute.

The system “can identify not only the immediate source of attack, but also all ‘springboard’ computers used to transmit the virus,” the Yomiuri reported, citing anonymous sources.

“Test runs in closed networks have helped the ministry to confirm the cyberweapon’s functionality and compile data on cyber-attack patterns.”

But whether Fujitsu’s “active defense” virus would work in the real world is a big question. Security experts have said it would rarely be effective due to the layered nature of server deployment. Furthermore, innocent third parties could be mistaken for the attackers.

Read more…

China-based hackers for months have been targeting federal agencies and contractors through infected emails apparently to spy on the Pentagon’s drone strategy and other intelligence matters, according to Internet security researchers.

The reported espionage employed a tactic known as spear-phishing where infiltrators, operating under the guise of a legitimate sender, email specific victims a virus-laden file or link. In this case, the hackers used email addresses from military and other government organizations, Jaime Blasco, manager of AlienVault Labs, said Tuesday.

Some emails went to employees at U.S. military contractors, he said, but declined to discuss any information related to specific victims.

The lab traced samples of the malicious software to network addresses in China, AlienVault disclosed last month.

Blasco has since discovered from the same spies separate malware that is capable of overriding Pentagon smart card credentials, known as the Common Access Card, to get into protected resources, he said Tuesday. In addition, the intruders have been pursuing other government organizations with information of interest to Chinese intelligence operations — including the General Services Administration, the U.S. government’s buying arm, and the Central Tibetan Administration.

Read more…

“Chinese human-intelligence operations primarily rely on collecting a small amount of information from a large number of people”, said Peter Grier, “Spy case patterns the Chinese style of espionage”.

Although China has been suspected of having a long history of espionage in the U.S. in order to gain knowledge and insight about military and industrial secrets, in recent years the belief that the Chinese government is conducting espionage activities in other countries is becoming increasingly widespread.

According to an annual report made in 2009 to the U.S. Congress by the China Economic and Security Review Commission, China’s espionage and cyber-attacks against the U.S. government and business organizations are now a major concern.

The commission’s vice chairman Larry Wortzel stated that, “In addition to harming U.S. interests, Chinese human and cyber espionage activities provide China with a method for leaping forward in economical, technological, and military development.” (1)

Chinese Espionage Activities
In 2006 the Central Intelligence Agency (CIA) released an unclassified document on its website titled the “Report to Congress on Chinese Espionage Activities Against the United States”.

Read more…

A Chinese satellite navigation system began providing services yesterday as the nation seeks to end its “dependence” on the U.S.’s Global Positioning System, or GPS, the official Xinhua News Agency reported.

China’s Beidou Navigation Satellite System began providing initial positioning, navigation and timing operational services for the nation and surrounding areas, Xinhua reported yesterday, citing Ran Chengqi, director of the management office of the China Satellite Navigation System. Work began on the Beidou system in 2000 with a goal of creating a global position service by 2020, according to Xinhua.

The U.S.-owned GPS system is the world’s primary source of satellite navigation data that provides directions for drivers, tracking systems for emergency rescue teams and also positioning services for U.S. military vehicles and munitions. The U.S. Air Force operates the more than 30 satellites on which the system is based.

China has already launched 10 satellites for the Beidou system, the most recent of which entered orbit earlier this month, Xinhua reported. Six more satellites will be launched in 2012 to further improve the system and expand its coverage to most of the Asia-Pacific region, Xinhua quoted Ran as saying. The system is compatible with the world’s other major global navigation satellite systems, according to the report.

Civilian service provided by the U.S.’s GPS system is freely available to all users on a continuous, worldwide basis, according to the service’s website. The service is made up of space, control and user segments, of which the U.S. Air Force develops, maintains, and operates the space and control segments.

Read more…

The new year is likely to bring a distinct shift in U.S. national security priorities, as the Obama Administration and Congress sharpen their response to China’s continuous assault on U.S. information networks. Although intelligence-community analysts believe the most sophisticated intrusions are being executed by a relatively small number of agents linked to the general staff of China’s People’s Liberation Army, the damage they are inflicting on U.S. security and economic competitiveness is judged to be extensive.

Thus far, China’s cyber campaign consists mainly of espionage aimed at stealing military secrets and intellectual property. However, Gen. Keith Alexander, head of the Pentagon’s joint Cyber Command established to counter such campaigns, said in November that, “We see a disturbing track from exploitation to disruption to destruction.” Alexander wasn’t talking just about the Chinese, but there’s little doubt among intelligence analysts that Beijing is the biggest and most persistent perpetrator of cyber crimes.

The question is what to do about it. To date, U.S. cyber efforts have been focused mainly on defensive measures, seeking to repel network intruders in a fashion that Alexander likens to the famously failed Maginot Line. The National Security Agency and other U.S. security organizations are known to have developed their own network-attack capabilities, but former White House cyber-security advisor Richard Clarke has warned that it would be dangerous for the U.S. to step up its own campaign against Chinese networks while U.S. safeguards against retaliation are so weak.

Under the leadership of a few forward-thinking policymakers such as former Deputy Secretary of Defense William Lynn, the Department of Defense and intelligence community have greatly strengthened their information defenses and begun helping industry to protect critical infrastructure. But insiders say the asymmetries between U.S. and Chinese society make it hard to cope with China’s cyber onslaught. Not only is America a much more open and porous place, but U.S. agencies and private companies have a lot more information that’s worth stealing.

Read more…

Hidden Dragon: The Chinese cyber menace

Posted on December 24, 2011

Analysis: Cybercrooks and patriotic state-backed hackers in China are collaborating to create an even more potent security threat, according to researchers.

Profit-motivated crooks are trading compromised access to foreign governments’ computers, which they are unable to monetise, for exploits with state-sponsored hackers. This trade is facilitated by information broker middlemen, according to Moustafa Mahmoud, president of The Middle East Tiger Team.

Mahmoud has made an extensive study of the Chinese digital underground that partially draws on material not available to the general public, such as books published by the US Army’s Foreign Military Studies Office, to compile a history of hacking in China. His work goes a long way to explain the threat of cyber-espionage from China that has bubbled up towards the top of the political agenda over recent months.

The first Chinese hacking group was founded in 1997 but disbanded in 2000 after a financial row between some of its principal players led to a lawsuit. At its peak the organisation had about 3,000 members, according to Mahmoud. The motives of this so-called Red Hacker group were patriotic, defending motherland China against its enemies.

The hacking of the US Embassy and the White House over the accidental bombing of the Chinese Embassy in Belgrade back in 1999 brought many flag-waving Chinese hackers together to, as they saw it, defend the honour of the motherland and fight imperialism in cyberspace.

Read more…

According to KCNA, North Korea’s state news agency, Premier Kim Jong Il died at 8:30 am on Saturday, December 17. However, government media did not announce the startling news until early Monday morning, that is, nearly 50 hours after the “Dear Leader’s” sudden passing. Assuming that North Korean reports of the time and location of Kim’s death are truthful, the inevitable question for intelligence observers is: did anyone outside North Korea receive news of Kim Jong Il’s death during the 50 hours that preceded its public announcement? In times like this, most Westerners tend to look at the Central Intelligence Agency, National Security Agency, MI6, DGSE, or any of the other recognizable acronyms that dominate American and European news reports. The reality is, however, that despite their often-mythical status, Western intelligence agencies tend to be limited in their global reach, which is usually heavily concentrated on selected adversaries, like Russia, or China. These agencies therefore tend to rely on their regional allies to get timely and accurate information on smaller nations that are often difficult to penetrate. In the case of North Korea, Western spy agencies depend heavily on actionable intelligence collected by South Korean and Japanese spies.

How much did the Japanese and South Koreans know about the dramatic weekend events in Pyongyang? Absolutely nothing, judging by the actions of their national governments during the 50 hours between Kim Jong Il’s death and its announcement. In fact, South Korean President Lee Myung-bak departed on a state visit to Japan about four hours after his North Korean counterpart had expired, and returned to Seoul a day later, just in time for a cocktail gala held in honor of his 70th birthday. It was early next morning that the South Korean and Japanese governments went into emergency overdrive in response to Kim’s death. These events show that the United States was also in the dark about the developments in the North Korean capital, because it is unthinkable that Washington would have refrained from sharing such seismic news with its two closest allies in Asia. This lack of intelligence was later acknowledged by senior South Korean cabinet officials, including Won Sei-hoon, Director of the country’s National Intelligence Service, who admitted that his agency was notified of Kim Jong Il’s passing from television.

Some claim that Chinese intelligence may have been the first outside North Korea to know about the “Dear Leader’s” demise; but if this is so, then they were able to conceal it with remarkable effectiveness, since Western envoys and intelligence operatives observed no unusual political or military maneuvers in Beijing. In fact, in recent months, Chinese intelligence officials were reportedly telling their Western counterparts that Kim Jong Il’s health was improving. Even German intelligence, which arguably possessed the most accurate information on the North Korean leader’s medical condition, was caught by surprise. The Germans would have clearly been in a position to know, because members of the “Dear Leader’s” family have been frequent visitors to medical centers in former East Berlin since the 1950s. But apparently nothing was communicated to the German government, not even from the small armies of German doctors who frequently travel to North Korea to treat the country’s communist party elite.

Read more…