• What the Chinese attacks on Google mean for enterprise security

    Chinese government intelligence operatives exploited vulnerabilities in Internet Explorer 6 and higher to launch sustained cyber attacks against 32 Western companies operating in China; the hacking of the Gmail accounts of political dissidents were but a tiny part of the attacks; rather, the attacks were part of a coordinated campaign that targeted the intellectual property of a wide swath of the U.S. industrial base, including Dow Chemical, Symantec, Yahoo!, Northrop Grumman, and Juniper Networks; wide-ranging industrial espionage is a central element in the Chinese government’s effort to hasten the rise of China to a position of global economic hegemony

  • Experts: Chinese attack on Google “one of the most sophisticated hacking attacks to date”

    The cracking techniques used by Chinese government operatives in the assault on Google and 31 other Western companies, used multiple malware components, with highly obfuscated code designed to confound security researchers; this marks out the Chinese attack as one of the most sophisticated hacking attacks to date; why was the search engine giant using the famously vulnerable IE6 remains a mystery

  • Chinese cyber attacks hit U.S. law firm which is suing China for stealing Web filtering code form a U.S. company

    The Los Angeles-based law firm Gipson Hoffman & Pancione sued China for lifting Web-filtering code developed by U.S. company Cybersitter; Chinese companies and government agencies stole the code in order to use it in the Chinese government’s effort to create tighter Web censorship and tracking system (China’s Orwellian name for the project” “The Green Dam Youth Escort monitoring program”); on Monday, Chinese hackers began to hack the law firm’s computer systems, in a manner strikingly similar to the attacks by Chinese intelligence operatives on Google, Adobe Systems, and 32 other Western companies

  • China tries to contain damage from Google dispute

    The Chinese government says it will try to persuade Google to continue its operations in China, but expect Google – and other foreign companies — to “respect local law and regulations and local culture and customs to shoulder social responsibility”; Google already made concessions to Chinese law and regulations by allowing the government to dictate what users can – and cannot — find when they do Google searches; Google’s decision to leave China came after Chinese intelligence agents hacked the Gmail accounts of political dissidents and human rights activitists

  • U.S. looking for intellectual property offenders

    The Trade Act of 1974 mandate that the U.S. Trade Representative (USTR) “identify countries that deny adequate and effective protection of intellectual property rights or deny fair and equitable market access to U.S. persons who rely on intellectual property protection”; the USTR has just called for public comments to point out foreign governments that have not lived up to their obligations to protect U.S. intellectual property rights; last year, the USTR investigated 77 U.S. trading partners for possible intellectual property rights violations, resulting in 45 countries being placed on either the Priority Watch List or the Watch List for their weak intellectual property rights protection regime

  • Google to pull out of China following government-sponsored cyberattacks

    In order to operate in China, Google agreed to implement stringent government-dictated censorship as to what Chinese consumers can – and cannot – find when doing Google searches; Google’s compliance with Chinese censorship was harshly criticized by human rights and freedom-of-speech organizations, but Google responded that this was the cost of doing business in China; the Chinese government’s hacking of Gmail accounts in order to monitor political dissidents proved to much for Google, though, and the company is now set to end its operations in China

  • Google’s decision a rare show of defiance in China

    Google’s decision to leave China is a rare show of defiance in a market where the government punishes those who do not play by the rules; in industries from automaking to fast food, companies have been forced to allow communist authorities to influence — and sometimes dictate — their choice of local partners, where to operate, and what products to sell; many high-tech companies operating in China are forced to open their intellectual property and industrial secrets to their Chinese competitors – or to Chinese government officials, who pass on that property to Chinese companies – allowing these Chinese companies to reverse engineer and copy Western companies’ products and solutions; Western companies have struggled to make headway against intense competition from Chinese rivals – rivals who enjoy the fact that the Chinese government writes rules which tilt the playing field in favor of Chinese companies

  • China offers Internet pirates bulletproof havens for illegal file sharing

    Most bulletproof hosts which allow music, video, and software to be illegally shared online are located in China, where criminals are able to take advantage of low costs and legal loopholes to avoid prosecution; despite officials in Beijing talking in tough terms about computer crime — hacking potentially carries a death sentence in China — the authorities rarely cooperate with other countries to take action against hi-tech criminals; as a result, just a handful of firms in China are responsible for hosting thousands of criminal enterprises online; one example: more than 22,000 Web sites which sent pharmaceutical spam were hosted by six bulletproof servers in China

  • Solid Oak sues China, Lenovo for stealing Green Dam code

    The Chinese government wanted to install a Green Dam around the computers used by Chinese – officially for the purpose of preventing the spread of pornography and other unseemly digital contents; the plan was abandoned after it became clear that the true purpose was to control the spread of political contents and help the government better monitor political dissent; U.S. software security firm charges that in the process of creating the dam, the Chinese government and Chinese companies – but also several non-Chinese companies which stood to gain from participating in the scheme — stole its code; it mow demands $2.2 billion in compensation

  • Bio espionage: New threat to U.S. economy

    In January, DHS warned of an increased cyber attack threat by activists/hacktivists and extremist groups; these groups are known to target life sciences and biotech companies; life sciences sector, pharmaceutical sector, and biotech sector are areas where we should expect information security challenges to increase exponentially for the foreseeable future

  • Fake Cisco serial numbers in $1 million Chinese computer parts scheme

    Two Kansas men are accused of buying network gear in China, and then attaching fake Cisco serial numbers to the components, placing them in Cisco boxes, and selling them as Cisco products; security experts have warned that counterfeit networking gear could contain back doors that allow spies to conduct industrial espionage on U.S. companies

  • Counterfeit chips may hobble advanced weapons

    While most computer security efforts have until now been focused on software, tampering with hardware circuitry may ultimately be an equally dangerous threat; the Pentagon now manufactures in secure facilities run by American companies only about 2 percent of the more than $3.5 billion of integrated circuits bought annually for use in military gear

  • The brief

    Vetting a chip with a hidden agenda is not easy, and chip makers cannot afford to test every chip; also, today only Intel and a few other companies still design and manufacture all their own chips in their own fabrication plants; other chip designers — including LSI Corp. and, most recently, Sony — have gone “fabless,” outsourcing their manufacturing to off-shore facilities known as foundries

  • Canadian government finds support for Internet surveillance scheme

    The Canadian federal government wants to broaden its Internet surveillance capabilities; the Security Intelligence Review Committee, the watch-dog over Canada’s spy agencies, supports the idea

  • China bolsters its information warfare capabilities

    One of the chief strategies driving the process of modernization (known in China as “informatization”) in the PLA is the coordinated use of CNO, electronic warfare (EW), and kinetic strikes designed to
    strike an enemy’s networked information systems, creating “blind spots” that PLA forces could exploit at predetermined times or as the tactical situation warranted