Feeds

Chinese crackers attack US.gov

Incoming!

The Essential Guide to IT Transformation

Chinese hackers have launched a sustained attack against the web systems of the US Department of Commerce.

Security experts reckon attacks originating from computer crackers largely located in China's Guangdong province are aimed at extracting sensitive information from targets such as the Commerce Department's technology export office.

Security consultants and US government officials reckon the assaults have at least the tacit support of the Chinese government, AFP reports.

The scope of the attacks has prompted the Bureau of Industry and Security (BIS), which manages US technology exports for both commercial and military use, to overhaul its computer systems and security defences. Information housed on the department's systems includes sensitive commercial and economic data on US exporters as well as data involving law enforcement records.

"BIS discovered a targeted effort to gain access to BIS user accounts," Commerce Department spokesperson Richard Mills said. "They took a series of immediate action steps to ensure that no BIS data is compromised. We have no evidence that any BIS data has been lost or compromised," Mills said.

Mills declined to speculate on the origins of the attacks but unnamed US government sources and security experts are pointing the finger of blame towards China. It's not the first time hackers in China have been accused of launching cyber-attacks on the computer systems of Western governments. Attacks on UK government systems using a then unpatched Microsoft Windows Meta File (WMF) exploit last Christmas were traced back to China.

All this alleged cloak and dagger activity is beginning to have an effect on US computer procurement decisions. The planned purchase of 18,000 computers manufactured by Lenovo in China by the State Department was blocked after legislators raised national security concerns, AFP reports. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.