Chinese Hackers Spear-Phishing for US Military Secrets

China’s digital onslaught on US systems is not new news. There have always been the lingering questions though if the attacks were from individual hacker groups or if they were state sponsored. Recent Wikileaks documents seem to point to the latter.

According to recent secret cables provided to Reuters, the attacks have been traced back to the military:

“Secret U.S. State Department cables, obtained by WikiLeaks and made available to Reuters by a third party, trace systems breaches — colorfully code-named “Byzantine Hades” by U.S. investigators — to the Chinese military. An April 2009 cable even pinpoints the attacks to a specific unit of China’s People’s Liberation Army.”

The majority of the attacks used by China have been via spear-phishing. But what exactly is spear-phishing?

Spear-Phishing is a form of social engineering. Hackers send specially crafted official looking e-mails to specific targets, with the hope that they will click on infected attachments or click on links that will take the unsuspecting surfer to malware sites. The hackers or cyber criminals scan the web looking for employees of a specific target company to send the trap e-mail messages to. In this case, Chinese intelligence and hacker groups searched for military personnel or contractors:

“Two former national security officials involved in cyber-investigations told Reuters that Chinese intelligence and military units, and affiliated private hacker groups, actively engage in “target development” for spear-phish attacks by combing the Internet for details about U.S. government and commercial employees’ job descriptions, networks of associates, and even the way they sign their emails — such as U.S. military personnel’s use of “V/R,” which stands for “Very Respectfully” or “Virtual Regards.””

And with all the United States current attempts to stop or even slow the attacks, China is actually stepping up its efforts. The social engineering attacks from China appeared to start in 2002 and according to Alan Paller, the Director of Research at SANS, “The attacks coming out of China are not only continuing, they are accelerating.”

But what could the Chinese hope to gain?

Military secrets.

Along with terabytes of data that have been stolen, the Chinese also obtained military login credentials and blue prints to some of America’s hi-tech military equipment. According to InformationWeek this includes “the quiet electric drive used by U.S. submarines to help evade detection.”

It is much faster and cheaper for the Chinese to just steal the latest military technology through low cost hacking attacks than spending the millions it would cost to develop it themselves.

When you look at the Chinese stealth fighter, that reportedly made its second test flight today, you have to wonder how much of the technology was “borrowed” from the United States.

About these ads

~ by D. Dieterle on April 19, 2011.

5 Responses to “Chinese Hackers Spear-Phishing for US Military Secrets”

  1. If they were sloppy enough to get caught right down to the unit, I would hope that a good portion of that stolen data was
    honey-pot/misinformation…..

  2. It’s crazy too Philo about the cultural differences between nations. Hacking is encouraged in many countries, and some hacker groups are even backed by the government. Chinese hackers and Russian crime groups come to mind.

    Hacking is illegal in America and looked down upon as ethically wrong. I wonder if this is one reason why the US has fallen behind in the arena. Our teens and up and coming security experts are told to steer clear of hacking and foreign newbies are encouraged to do so.

  3. [...] via Chinese Hackers Spear-Phishing for US Military Secrets « CYBER ARMS – Computer Security. [...]

  4. [...] Source: Cyberarms [...]

  5. [...] Chinese Hackers Spear-Phishing for US Military Secrets « CYBER ARMS – Computer Security. Link to this post! This entry was posted in Cyber Espionage. Bookmark the permalink. « [...]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.

Join 274 other followers

%d bloggers like this: