[ insider_reports_insider ]
Once Again, China Implicated In Computer Espionage
David Utter
Staff Writer
2008-06-12
 Insider Reports RSS Feed
At the highest levels of government in the United States, some Congressmen believe attackers from China infiltrated their computers.
 | | Once Again, China Implicated In Computer Espionage |  |
There's no other way to put this: whatever efforts the FBI and the Department of Homeland Security has made in arranging, establishing, contracting, and implementing a secure infrastructure for the federal government may be less effective than no security at all.
The LA Times noted the latest in what seems like a perpetual string of incidents with threads running all the way back to Beijing. Representative Chris Smith (R-NJ) believes the latest attacks, believed to be seeking information on dissidents and human rights activists, traces its way to the Chinese government.
Over a nearly two year period, it is alleged Chinese interests made their way into computers on Capitol Hill. Whether that happened due to a brute force breach through a vulnerability, or through someone clicking on disguised malware, is not known.
"If members are going to access websites in China, you are engaging in risky behavior," Rep. Zoe Lofgren (D-CA) said in the report. "You are going to get malware, and you are going to lose your data."
Lofgren's viewpoint isn't news to us here. We've advocated blocking access to China and Russia in the past, especially for enterprises who have no business-specific need for their computers to connect to sites in those countries.
That's not a panacea, but something needs to happen. Blocking dangerous IP ranges completely will help. An outward-looking approach, one that considers the data leaving a machine and acting on its transmission, appears to be necessary now. We looked at one option, proposed by Fidelis in March 2008.
We don't envy the work security pros face in dealing with threats to governmental resources. But a long-running, undetected series of malicious hacks makes us wonder if security policies include regularly reviewing suspicious network traffic. Someone should have noticed machines on Capitol Hill hitting destinations in China and at minimum dropped a cursory report on a decision-maker's desk.
One day, these attacks won't be ones focused on people with inconvenient (to Beijing) views on China. Someone needs to cock an elbow and deliver it squarely into Beijing's nose, preferably before they manage to cripple our federal government's networks.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
