-
McAfee: China leads world in hacked computers
A new study finds that more personal computers in China — about 1,095,000 computers — than in any other country have been hacked to make them zombies, then grouped into botnets to engage in massive e-mail attacks on Web sites; the prevalence of botnets is a sign of how vulnerable computer networks are to infiltration
-
-
Google turns to NSA for assistance in thwarting Chinese cyberattacks
Google has developed a reputation as a company that likes to keep its distance from government agencies; the cyberattacks on Google by the Chinese intelligence services has caused Google to reconsider; it is now finalizing a new deal with the NSA to share data – the company’s first formal agreement with the NSA; the spy agency will help Google develop better defenses against Chinese encroachment
-
-
MI5: Chinese intelligence blackmails British business people to hand over business secrets
MI5, the U.K. secret service, warned British companies of a sustained, coordinated, and ruthless Chinese intelligence effort to compromise the security of British firms and steal their intellectual property; MI5 warned: “Chinese intelligence services have also been known to exploit vulnerabilities such as sexual relationships and illegal activities to pressurize individuals to cooperate with them”; MI5 report follows public warnings from senior MI5 officials that China posed “one of the most significant espionage threats” to Britain
-
-
What the Chinese attacks on Google mean for enterprise security
Chinese government intelligence operatives exploited vulnerabilities in Internet Explorer 6 and higher to launch sustained cyber attacks against 32 Western companies operating in China; the hacking of the Gmail accounts of political dissidents were but a tiny part of the attacks; rather, the attacks were part of a coordinated campaign that targeted the intellectual property of a wide swath of the U.S. industrial base, including Dow Chemical, Symantec, Yahoo!, Northrop Grumman, and Juniper Networks; wide-ranging industrial espionage is a central element in the Chinese government’s effort to hasten the rise of China to a position of global economic hegemony
-
-
Experts: Chinese attack on Google “one of the most sophisticated hacking attacks to date”
The cracking techniques used by Chinese government operatives in the assault on Google and 31 other Western companies, used multiple malware components, with highly obfuscated code designed to confound security researchers; this marks out the Chinese attack as one of the most sophisticated hacking attacks to date; why was the search engine giant using the famously vulnerable IE6 remains a mystery
-
-
Chinese cyber attacks hit U.S. law firm which is suing China for stealing Web filtering code form a U.S. company
The Los Angeles-based law firm Gipson Hoffman & Pancione sued China for lifting Web-filtering code developed by U.S. company Cybersitter; Chinese companies and government agencies stole the code in order to use it in the Chinese government’s effort to create tighter Web censorship and tracking system (China’s Orwellian name for the project” “The Green Dam Youth Escort monitoring program”); on Monday, Chinese hackers began to hack the law firm’s computer systems, in a manner strikingly similar to the attacks by Chinese intelligence operatives on Google, Adobe Systems, and 32 other Western companies
-
-
China tries to contain damage from Google dispute
The Chinese government says it will try to persuade Google to continue its operations in China, but expect Google – and other foreign companies — to “respect local law and regulations and local culture and customs to shoulder social responsibility”; Google already made concessions to Chinese law and regulations by allowing the government to dictate what users can – and cannot — find when they do Google searches; Google’s decision to leave China came after Chinese intelligence agents hacked the Gmail accounts of political dissidents and human rights activitists
-
-
U.S. looking for intellectual property offenders
The Trade Act of 1974 mandate that the U.S. Trade Representative (USTR) “identify countries that deny adequate and effective protection of intellectual property rights or deny fair and equitable market access to U.S. persons who rely on intellectual property protection”; the USTR has just called for public comments to point out foreign governments that have not lived up to their obligations to protect U.S. intellectual property rights; last year, the USTR investigated 77 U.S. trading partners for possible intellectual property rights violations, resulting in 45 countries being placed on either the Priority Watch List or the Watch List for their weak intellectual property rights protection regime
-
-
Google to pull out of China following government-sponsored cyberattacks
In order to operate in China, Google agreed to implement stringent government-dictated censorship as to what Chinese consumers can – and cannot – find when doing Google searches; Google’s compliance with Chinese censorship was harshly criticized by human rights and freedom-of-speech organizations, but Google responded that this was the cost of doing business in China; the Chinese government’s hacking of Gmail accounts in order to monitor political dissidents proved to much for Google, though, and the company is now set to end its operations in China
-
-
Google’s decision a rare show of defiance in China
Google’s decision to leave China is a rare show of defiance in a market where the government punishes those who do not play by the rules; in industries from automaking to fast food, companies have been forced to allow communist authorities to influence — and sometimes dictate — their choice of local partners, where to operate, and what products to sell; many high-tech companies operating in China are forced to open their intellectual property and industrial secrets to their Chinese competitors – or to Chinese government officials, who pass on that property to Chinese companies – allowing these Chinese companies to reverse engineer and copy Western companies’ products and solutions; Western companies have struggled to make headway against intense competition from Chinese rivals – rivals who enjoy the fact that the Chinese government writes rules which tilt the playing field in favor of Chinese companies
-
-
China offers Internet pirates bulletproof havens for illegal file sharing
Most bulletproof hosts which allow music, video, and software to be illegally shared online are located in China, where criminals are able to take advantage of low costs and legal loopholes to avoid prosecution; despite officials in Beijing talking in tough terms about computer crime — hacking potentially carries a death sentence in China — the authorities rarely cooperate with other countries to take action against hi-tech criminals; as a result, just a handful of firms in China are responsible for hosting thousands of criminal enterprises online; one example: more than 22,000 Web sites which sent pharmaceutical spam were hosted by six bulletproof servers in China
-
-
Solid Oak sues China, Lenovo for stealing Green Dam code
The Chinese government wanted to install a Green Dam around the computers used by Chinese – officially for the purpose of preventing the spread of pornography and other unseemly digital contents; the plan was abandoned after it became clear that the true purpose was to control the spread of political contents and help the government better monitor political dissent; U.S. software security firm charges that in the process of creating the dam, the Chinese government and Chinese companies – but also several non-Chinese companies which stood to gain from participating in the scheme — stole its code; it mow demands $2.2 billion in compensation
-
-
Bio espionage: New threat to U.S. economy
In January, DHS warned of an increased cyber attack threat by activists/hacktivists and extremist groups; these groups are known to target life sciences and biotech companies; life sciences sector, pharmaceutical sector, and biotech sector are areas where we should expect information security challenges to increase exponentially for the foreseeable future
-
-
Fake Cisco serial numbers in $1 million Chinese computer parts scheme
Two Kansas men are accused of buying network gear in China, and then attaching fake Cisco serial numbers to the components, placing them in Cisco boxes, and selling them as Cisco products; security experts have warned that counterfeit networking gear could contain back doors that allow spies to conduct industrial espionage on U.S. companies
-
-
Counterfeit chips may hobble advanced weapons
While most computer security efforts have until now been focused on software, tampering with hardware circuitry may ultimately be an equally dangerous threat; the Pentagon now manufactures in secure facilities run by American companies only about 2 percent of the more than $3.5 billion of integrated circuits bought annually for use in military gear
-
More headlines
The long view
Canada’s Biosecurity Scandal: The Risks of Foreign Interference in Life Sciences
By Brendan Walker-Munro
In July 2019, world-renowned biological researchers Xiangguo Qiu and Keding Cheng were quietly walked out of the Canadian government’s National Microbiology Lab (NML). The original allegation against them was that Qiu had authorized a shipment to China of some of the deadliest viruses on the planet, including Ebola and Nipah. Then the story seemed to go away—until now.
Don’t Buy Moscow’s Shameless Campaign Tying Biden to Its Terrorist Attack
Russia has offered many different explanations to the ISIS-K’s 22 March 2024 terrorist attack at the Crocus City Hall in Moscow, but the most recent explanation offered by Russia is the most audacious yet: Russia now charges that the Ukrainian energy company Burisma financed the attack. Burisma is at the center of an effort by a congressional committee to impeach President Biden, but the case has all but collapsed. Hunter Stoll writes that Russia’s disinformation and propaganda apparatus appears to be searching for ways to keep Burisma in the news ahead of the U.S. presidential election.