CYBER INSECURITY
Growing Global Threat From Chinese Cyber Hackers
Fox News reports: “Western governments and corporations were facing a growing threat from hackers based in China, who remain strong despite a crackdown by the authorities, Sky News reported.
An estimated 1.6 billion attacks are launched from China each month, with some successful efforts breaching the computer systems of the Pentagon and those of the French, German and British governments.
Even the strongest security systems have holes, one 21-year-old self-trained hacker said. Everyone knows that those people haven’t realized that there are hackers who can attack them. They probably think they have the best security possible.
The Chinese government claimed it was tackling the illegal activity. Last year, authorities reportedly made several hundred arrests and closed one online hacking school that was said to have 180,000 members — but other websites offering the same service remained in operation.
Sky News recently gained access to a conference organized by a well-known hacking group in a four-star hotel in Beijing. The event was sponsored by a security firm with alleged connections to the Chinese military. Speakers covered topics such as Defeat Windows 7 and Virtual Viruses Infection.
The conference also highlighted the murky connections between hackers and the Chinese government.
One man, who identified himself as a policeman, said, We’re here to see if they have anything we can use. If there is, then we’ll get in touch with them and take the next step.
In 2009, investigators discovered that Ghostnet, the largest-ever network of cyber attacks, could be traced back to China. The operation’s command and control gained real-time control over 1,200 computers belonging to foreign embassies, international organizations and media groups in more than 100 countries ” (See the previous reports on China.)
Infrastructure cyberattack fears on the rise
SpaceDaily.com reports: “Cyber threats such as Stuxnet pose an increasing risk to critical infrastructure worldwide but many facilities are unprepared to face the danger, according to a report.
We found that the adoption of security measures in important civilian industries badly trailed the increase in threats over the last year, said Stewart Baker of the Center for Strategic and International Studies (CSIS), releasing a report conducted with computer security firm McAfee.
For the report, In the Dark: Crucial Industries Confront Cyberattacks, McAfee surveyed 200 information technology executives charged with security at power, oil, gas and water facilities in 14 countries.
What we found is that they are not ready, the McAfee-CSIS report said. The professionals charged with protecting these systems report that the threat has accelerated — but the response has not.
The fact is that most critical infrastructure systems are not designed with cybersecurity in mind, and organizations need to implement stronger network controls, to avoid being vulnerable to cyberattacks, McAfee vice president Phyllis Schneck said.
Forty percent of the critical infrastructure executives surveyed said they believed that their industry’s vulnerability had increased and 30 percent said their company was not prepared for a cyberattack.
Forty percent said they expect a major cyberattack within the next year — defined as one that causes severe loss of services for at least 24 hours, a loss of life or personal injury, or the failure of a company.
Nearly 70 percent said they frequently found malware designed to sabotage their systems and nearly half of the respondents in the electricity industry sector said they had found Stuxnet on their systems ” (Cyber-attacks could bring the greatest disaster ever known in history as computer systems become paralyzed and bring total darkness, bedlam, and misery upon all humanity as numerous cyber-strikes occur Luke 21:25; II Timothy 3:1. See also the next report.)
North Korea ‘behind South Korean bank cyber hack’
BBC News reports: “Prosecutors in South Korea say North Korean hackers were behind an attack that paralysed a leading bank.
Banking operations at Nonghyup, a South Korean farm co-operative, were halted by the cyber intrusion, leaving customers unable to access their money.
The Seoul prosecutors’ office called it unprecedented cyber-terror deliberately planned by North Korea.
It said the software used matched that used in earlier attacks by Pyongyang.
Prosecutors said that a laptop used by a subcontractor became in September 2010 a zombie PC operated by the North, which… later remotely staged the attack through the laptop.
One of the Internet Protocol (IP) addresses used to break into Nonghyup’s system was the same as one used in March for a distributed denial-of-service (DDoS) attack that originated in North Korea, they added.
The software used in the incident was also similar to that employed in July 2009, when a number of South Korean government websites were attacked, the prosecutors said.
The latest attack caused a three-day service outage at the bank – also called the National Agricultural Co-operative Federation – and caused the records of some credit card customers to be deleted ”