SCIY.Org Archives

This is an archived material originally posted on sciy.org which is no longer active. The title, content, author, date of posting shown below, all are as per the sciy.org records
Chinese Hack Attack on U.S. Commerce Department Security

Originally posted on sciy.org by Ron Anastasia on Fri 06 Oct 2006 05:02 PM PDT  



Chinese Hack Attack on Security

Hackers linked to China take offline Bureau of Industry and Security.

Red Herring.com

October 6, 2006

A U.S. Commerce Department bureau has been under siege from hackers operating from China, forcing it to take hundreds of computers off its network for more than a month.

 

The Bureau of Industry and Security, which controls exports of commodities and technology, was affected in the attacks from hackers with links to Chinese Internet service providers.

 

“They discovered a targeted effort to gain access to user accounts,” Commerce Department spokesman Richard Mills said.

 

The department has, however, not seen any of its data lost or compromised, he said. BIS "took a series of immediate action steps to ensure that no data is compromised,” Mr. Mills said.

 

Mr. Mills, however, declined to elaborate on the nature of the attacks.

 

While the bureau hasn’t specified details of the attack, it has said the hackers are coming from servers in China. “Some of the URLs were registered to Chinese Internet service providers,”  Mr. Mills said.


The BIS has restricted Internet access to standalone workstations that are not connected to any of its systems. It also plans to revamp its network. Instead of putting some of the existing computers that could be infected back online, the bureau will buy and set up new workstations.

 

“We will be setting up a new clean system with new clean hardware,” said Mr. Mills.

The attack on the BIS systems comes on the heels of disclosures made by other government departments about facing cyberthreats from China. In July, hackers from China broke into State Department computers.

Attacks Severe
While the Commerce Department downplayed the attacks, others were skeptical.

 â€œIf they are taking these computers offline and junking them, I don’t believe they haven't lost any data,” said Eric Sites, vice president of research and development at anti-virus firm Sunbelt Software .“This seems to be a pretty severe attack if they are going through this level of response, which is replacing all their systems.”

IT managers at the bureau would have no choice but to do that if computers were infected with so-called root kits, or software tools that are intended to hide running files or processes, thereby helping intruders avoid detection.

The Commerce Department has also labeled this as a targeted attack, something that security experts believe is in keeping with the trend that they have been seeing. Increasingly, hackers are moving away from launching cyberattacks aimed at creating mayhem to initiating specific attacks designed to steal sensitive information.

The BIS, with its dealings related to controlling access of sensitive technology, would be a prime  target.

“There are known hacker groups in China, some sponsored by the Chinese government that target specific information inside the U.S.,” Mr. Sites said. “Some of the hackers can be very efficient, and very quick.”

Contact the writers: SMartin@RedHerring.com and PGanapati@RedHerring.com

Attachment: