Chinese hackers attack Russia, USA
February 23rd, 2009
Feb. 12 (Bloomberg) -- Chinese government and freelance hackers are the primary culprits behind as many as several hundred daily attacks against U.S. government, electric-utility and financial computer networks, a senior congressman said.
“Sophisticated hackers could really wreak havoc on our financial systems if they were successful,” House Homeland Security Committee Chairman Bennie Thompson said in an interview. The threat is “primarily from China.”
While cyber plots to disrupt U.S. computer networks have been thwarted, significant vulnerabilities exist, said Thompson, a Mississippi Democrat.
Many of these problems will be detailed in a 60-day review the Obama administration on Feb. 9 said it would conduct on government cyber-security efforts, Thompson said. President Barack Obama also has said he would appoint a computer-security chief who will report directly to him, a move Thompson supports.
Currency trading is among the financial networks targeted by hackers, Thompson said. An attack would be particularly damaging in light of the financial system’s troubled state, he said.
He said electric utilities’ networks also have several points of weakness.
“We were provided alarming data on the vulnerability of our electrical grid in this country,” he said.
Wang Baodong, a spokesman for the Chinese Embassy in the U.S., denied that the Chinese government was attacking U.S. computer systems.
“Allegations that the Chinese government is behind cyber attacks against the U.S. computer networks are totally unwarranted and misleading for the America public,” Wang said in an e-mailed statement.
Wang said the Chinese government is “cracking down” on computer hacking and other cyber crimes.
WASHINGTON, Feb. 24 (UPI) -- Islamist hackers took their fight to the target-rich environment of the Internet years ago. Thanks to its low barriers to entry, the cyber environment has proven itself to be one of the most efficient asymmetric tools for Islamist terrorists to incite hatred and violence, and plan and carry out attacks.
Also, nation-states are increasingly employing cyber warfare to attack other states or entities, either solely in the cyber domain or as part of a full-spectrum military maneuver, as documented by James Jay Carafanoand Richard Weitz in their paper "Combating Enemies Online: State-Sponsored and Terrorist Use of the Internet," Heritage Foundation Backgrounder No. 2105, Feb. 8, 2008, pp. 3-4, at http://www.heritage.org/Research/nationalSecurity/bg2105.cfm.
States like China and Russia, which remain inferior to the U.S. militarily, have identified America's vulnerability and worked diligently to exploit it. This process has been documented by John J. Tkacik Jr. in his paper "Trojan Dragons: China's International Cyber Warriors," Heritage Foundation WebMemo No. 1735, Dec. 12, 2007, at http://www.heritage.org/research/asiaandthepacific/wm1735.cfm, and by James Jay Carafano, "When Electrons Attack: Cyber-Strikes on Georgia a Wake-Up Call for Congress," Heritage Foundation WebMemo No. 2022, Aug. 13, 2008, at http://www.heritage.org/research/nationalsecurity/wm2022.cfm.
As we have learned from Chinese military journals, the People's Liberation Army has focused intensely on attacking the U.S. military's C4ISR network with a variety of weapons, including anti-satellite weapons and cyber warfare. Roger Cliff, Mark Burles, Michael S. Chase, Derek Eaton and Kevin L. Pollpeter have documented these developments in their study "Entering the Dragon's Lair: Chinese Antiaccess Strategies and Their Implications for the United States," RAND Corp., 2007, p. 18, at http://www.rand.org/pubs/monographs/2007/RAND_MG524.pdf.
The predominant tool used for cyberattacks is the botnet. A botnet is a network of computers that have been compromised by a and may be remotely controlled by a single computer, called a "bot herder" or "bot master." When the power of thousands of computers is combined, it can be used to launch denial-of-service attacks to shut down desired Web sites. Because of the rapidly changing nature of software, including improved commercially available , the dissemination of botnet code has evolved from using e-mail attachments to pop-up spam messages and even silent uploads that take advantage of vulnerabilities in Internet browsers, as pointed out by Clay Wilson in his study "Botnets, Cybercrime and Cyberterrorism: Vulnerabilities and Policy Issues for Congress," Congressional Research Service, Jan. 29, 2008, at http://www.fas.org/sgp/crs/terror/RL32114.pdf.