Worldwide cyberspying traced to China
A leading computer security firm has used logs produced by a single server to trace the hacking of more than 70 corporations and government organisations over many months, and experts familiar with the analysis say the snooping probably originated in China.Updated: Aug 04, 2011 01:26 IST
A leading computer security firm has used logs produced by a single server to trace the hacking of more than 70 corporations and government organisations over many months, and experts familiar with the analysis say the snooping probably originated in China.
Among the targets were the Hong Kong and New York offices of the Associated Press, where unsuspecting reporters working on China issues clicked on infected links in e-mail, the experts said.The list of victims in the five-year campaign include the governments of the U.S., India, Taiwan and South Korea, the Association of Southeast Asian Nations (Asean), the International Olympic Committee (IOC) and the World Anti-Doping Agency, according to a report by McAfee, a security firm that monitors network intrusions around the world.
The Indian IT organization - as the other victims - has not been identified. "We decided not to identify the organizations or companies so as not to panic their customers and investors," McAfee spokesman Joris Evers told HT
Did Indian Computer Emergency Response Team, a government body that tracks such attacks and viruses, know about these attacks? It could not be contacted despite many attempts. There was no response on its listed phones.
The Indian agency was attacked in September and it lasted two months, ending perhaps around the time US president Barack Obama visited India in November. Chinese premier Wen Jiabao came later, in December.
James A Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said "the most likely candidate is China."
The target list's emphasis on Taiwan and on Olympic organisations in the run-up to the Beijing Games in 2008 "points to China" as the perpetrator, he said. "This isn't the first we've seen. This has been going on from China since at least 1998."
Another computer expert with knowledge of the study, who spoke on the condition of anonymity out of reluctance to blame China ublicly, said the intrusions appear to have originated in China.
The intruders were after data on sensitive U.S. military systems, as well as material from satellite communications, electronics, natural gas companies and even bid data from a Florida real estate company, McAfee said. Forty-nine of the 72 compromised organisations were in the United States.
Dmitri Alperovitch, McAfee's vice president of threat research said that some of the intrusions - such as one into the World Anti-Doping Agency in Montreal - are continuing.
(With inputs from Yashwant Raj, Washington)
(In exclusive partnership with The Washington Post. For more log on to www.washingtonpost.com.)