Watching Chinese Cyber Attacks against US as they Happen

Cyber Attack 4

I just happened to be up very early this morning and caught some of the chatter on Twitter about massive incoming cyber attacks against the US. So I pulled up the Live Attack map from Norse to check it out and saw the amazing image above.

From what I have seen, usually America and China are fairly even in the attack origins category. But this morning there just seemed to be a flood of attacks from China being recorded by the Norse honeypot systems in St. Louis.

Stunning that the image just represents a fraction of real world attacks that are happening at any moment.


China Demos Hacker obtained Stealth Tech during Obama Visit

During the Asia-Pacific Economic Cooperation meeting in Beijing, President Obama took China to task about its cyber espionage campaign against Western technology creators and innovators. China responded by showing off the fruit of its hackers’ labor, test flying the J-31 Stealth Fighter prototype.

The J-31 (seen above) and China’s other stealth fighter, the J-20, both allegedly contain stealth technology stolen from US military contractors. Adding insult to injury, China plans on exporting the stealth fighter to nations that cannot afford the American F-35.

Electronic espionage has allowed China to make very rapid advances in military & research fields and they show no sign of slowing down amidst political pressure. If anything they are expanding their attempts at an alarming rate.

As we haven’t had a lot of luck keeping Chinese hackers out of US systems, maybe it is time to create fake honeypot systems for them to attack that contain purposely flawed military designs…

Community Health Systems Hacked – 4.5 Million Records Stolen

Medical Records Hacked

Chinese hackers seem to be at it again, this time hitting Community Health Systems, a large US medical group that runs over 200 hospitals in 29 states. According to reports from Fox News, the attackers were able to steal 4.5 million records.

A filing with the U.S. Securities and Exchange Commission stated that computer security company Mandiant assisted in the forensics investigation and “believe the attacker was an ‘Advanced Persistent Threat’ group originating from China who used highly sophisticated malware and technology to attack the Company’s systems.”

According to the filing, the data was “non-medical patient identification data” and did not include “patient credit card, medical or clinical information”. The company is notifying the affected patients and apparently offering them identity theft protection services.

As financial information was not recovered, the information would most likely be used in further social engineering attacks, for example using the information gained to attempt to access patients’ accounts or data at other companies or websites.

For those interested in learning more about Mandiant and their research of Chinese APT attacks, check out their “APT1: Exposing One of China’s Cyber Espionage Units” intelligence center report.

US Formally Charges Chinese Military Officials for Hacking

Today the United States Department of Justice announced a formal indictment against individual Chinese military officials for hacking into US companies.

For years China has turned to hacking to close the technology gap between itself and other nations. In what has been termed “cyber-espionage”, Chinese hackers targeted hi-tech US companies and stole confidential research and development data.

From the Chinese side it is a very lucrative form of industrial espionage: it costs them very little to do, they have recovered millions if not billions of dollars of research data, and they have significantly reduced their R&D time.

The US apparently has had enough and is preparing a formal court case against them, for what it is worth.

“This is a tactic that the United States government categorically denounces. This case should serve as a wake-up call to the seriousness of the ongoing cyberthreat,” Attorney General Eric Holder said.

The chances that China will admit to hacking or turn over anyone involved are very slim. They have already denied the accusations as false, but I guess you need to start somewhere.