back to article Cyber attacks target pro-Tibetan groups

Groups sympathetic to anti-Chinese protesters in Tibet are under assault by cyber attackers who are embedding malware in email that appears to come from trusted colleagues. The email is being sent to members of human-rights groups. The messages include attachments in PDF, Microsoft Word and Excel formats, that install …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Black Helicopters

    Professional Job?

    Professional job? PDF, DOC, & PPT files...looks too professional to me to be anything but politically motivated by government agencies.

    If it was an amater or someone with a grudge, you'd expect to see it born by EXE, BAT, COM, VBS...or financially motivated with those more "advanced" formats.

    Just my thoughts.

  2. Anonymous Coward
    Anonymous Coward

    And so it begins

    Government sponsored cracking, now means the simplistic concept of black, grey, white hats are now all up in the air.

    China is going to rip thru IT, it is already, but it will just keep ramping up.

    Cyber war is the standard first step now in modern warfare, in fact it could be all that is required if done with sufficient accuracy.

    The UK does appear to be somewhat backward in the field of computer security, so I am not so sure we are going to come out victorious in this, unless specific steps are taken to fill the skills gap. Most of our eggs appear to be in the US basket which is a little worrying. A lot of our data jumps the pond, the government appears to hire foreign interests to 'look after' UK data, and that fact alone is going to leave us distinctly copper knicker less.

  3. John Savard

    Reason for Calm

    My reaction to the news from Tibet was a sharp one.

    I, for one, would heartily approve if G. W. Bush simply assumed that, since foreign reporters are being expelled, a genocide must be in progress, and launched a pre-emptive nuclear strike on China, followed by regime change.

    And if, in fact, China wasn't exterminating the Tibetan people, to take that as much in stride as he did the lack of WMDs in Iraq.

    But I think we shouldn't assume the Chinese government is involved in these attacks, even if I would suspect them in, say, an attack on an Epoch Times printing press in Hong Kong.

    The situation should be monitored closely, but I think the Chinese government knows that a foray into cyberwar would be taken very seriously

  4. Anonymous Coward
    Black Helicopters

    @ac

    Don't be so naive, a lot of western countries have been doing it for years. Aside from everybody's favorite bad guy, the US, the French government has been intimately involved in corporate espionage for at least a decade and a half (at least as far back as my personal exposure to their handiwork goes).

    Actually, I'm quite surprised that the press is actually now just starting to sit up and take notice. Since China is intimately involved, at so many levels, in the manufacturing, assembly and testing of electronic equipment, including generic components that can be used in military or government equipment, who's to say they're not embedding some sort of spyware or poison pill into the stuff?

    I have seen it happen on one piece of equipment, that I will vaguely refer to as an enterprise caliber network security appliance... As God as my witness, I saw network traffic originating from this piece of equipment, heading to the P.R.C. What ever it was, it was encrypted, and it wasn't a huge amount, but after pouring through ALL of the network logs of both the device and several firewalls, it was trying to send something to Chinese netspace.

    That is why I will never knowingly purchase, recommend or use anything where China (or even some former soviet-bloc states) is even remotely involved in, unless I'm ordered by my superiors, to.

    Sadly, it's getting more difficult to find equipment 100% manufactured in the US, UK or Canada, but it's out there. And in my humble opinion, it's every bit worth the premium.

    Call me a bigot, a racist or what have you, but knowing what I know now, I would advise any business thinking about relocating to China to think about the larger picture, instead of the short term profit.

  5. Anonymous Coward
    Anonymous Coward

    oh espionage has been going on since we invented fire

    But only recently has China been showing its hand in using cyber warfare to launch the initial strikes. And doing it on a much wider scale. It looks like they are testing the waters, that is the point to realise, they are ramping up - the 'And so it begins' is a comment of impending doom, not a reference to the starting point of world espionage, you have to be American to over read into that :)

    The UK appears though to be ramping down, phorm is a fairly good example of something that should never have hit the tables of a UK boardroom, let alone been 'tested' on a live network.

  6. Gordon Fecyk
    Thumb Down

    This is begging for a standardized LART, you know

    Let's see, you have China, two quotes from prominent anti-virus firms, a celebrity (in this case a movement in Tibet), and vulnerabilities in applications long since addressed.

    Sounds like a typical knee-jerk security article to me. Only thing missing is an urgent plea to update your anti-virus software. Don't forget that next time, ok?

  7. Mectron
    Flame

    What need to be done

    1. Cancellation of this year's Olympic

    2. Total isolation of china until tibet is free and the obviously criminal goverment is removed

    it seem it is time that the free nations take control and free the countries infected by comunism (and terrorist, with mean ALL islam controled countries)

    but the cancellation of the olympic will be a good start.

  8. Anonymous Coward
    Anonymous Coward

    Chinese over reaction

    I am sort of embarrassed for the Chinese they are completely showing their ass to the world and for what, is their hold on Tibet in question. It looks for all the world like they are guilty (which I suppose they are) of tyranny and inhumanity they can't stand even the smallest amount of sunlight on their doings. As far as the Olympics are concerned I think the impenetrable smog, and sidelined asthmatic athletes will do more to screw it up than all the Tibetan protests on the road from Everest. It's likely to be another disaster for the Olympics and the Chinese. Cyberwar sounds impressive, it's not, pay attention to the web's usual assortment of evil bastards they have always been with us more stuff like this barely makes a ripple. I really feel sorry for the Tibetans the hardest place on earth to live and the Chinese government won't let them do it their way what a bunch of slime balls.

  9. I. Aproveofitspendingonspecificprojects
    Alien

    > @ac

    Any idea if the dissidents have much space on Opera:

    Deleted Messages

    By EspenAO. Tuesday, 21. August 2007, 15:45:21

    At 1:00 PM CEST today there was an unfortunate incident that resulted in all private messages being deleted from our servers. We are working on restoring the messages as we speak, and we'll get back to you with more information as soon as we can.

    http://my.opera.com/community/blog/2007/08/21/deleted-messages?cid=3474600&startidx=150#comment3474600

    I imagine Google Groups get a fair bit of said targeting too. They are looking a little pasty atm.

    Couple that with the spate of spam eventsd sice the cable outages and we should be looking at pinpointing the focus of conspiracy theories.

    But clipping China's wings should be relatively easy, no?

    Nobody likes them except the large conglomerates getting into bed with them and being screwed because of it (a self healing sectionally transmitted disease.) So who is going to lose out?

  10. Charles Hammond
    Pirate

    Red Menace

    These are the same Chinese people who arrested the Fulong Gong, a group of people practicing deep breathing exercises, put them in prison camps, tortured them and then sold their body parts to the highest bidder.

    Why would you doubt these Chinese Communists capable of anything?

  11. Greg

    Important news but not new news

    While I'm happy that this has finally made the news, this has been going on for years.

    I have several friends active in the Tibetan movement and then contact me a few times a year to check out attachments for them. (This isn't counting any emails that they can figure out for themselves). They are always specifically targeted (sometimes to individual emails) and the attachments are always named so that organizers will want to open them (so usually Office documents with names such as those in the article).

    I've now put them in contact with SANS so that I don't need to worry about it any more.

    P.S. Recently I've been sharing in some of the joy of trying to keep in contact with people behind the Great Firewall. Those that I have information about are fine, the other two are still a mystery.

  12. Morely Dotes

    It's definitely a Red Army operation

    The Chinese Red Army has direct control over all Internet activity in China; they've been deliberately turning a blind eye to any spam going *out* of the country ever since they got the Bamboo Firewall in place, while actively tracing the sources of spam internal to China, and executing the spammers.

    While I applaud the execution of spammers, it is patently obvious that the Red Army has orchestrated the spam attacks on the West, and the latest denial of service attacks on Free Tibet are only a minor escalation of their activity.

  13. George
    Jobs Horns

    Reminds me of the DOS attack on Ukraine

    Just another projection of state power into Cyberspace.

    The real question is this - aas anyone reverse engineered the keystroke logging programs to transmit false information? Knowing that big brother is watching is the first step in misleading the goons. It wouldn't be hard to do - just send a few false leads about a fake Tibetan Independence demonstration on the outskirts of Lhasa, and when the PLA garrison mobilizes to break things up, hold a big prison break from Drapchi Prison.

    Of course, whoever's keystrokes were monitored would probably get blamed. But, if they were at the "demonstration" without anything too inflammatory, how much more trouble would they really be in?

  14. George
    Jobs Horns

    Reminds me of the DOS attack on Ukraine

    Just another projection of state power into Cyberspace.

    The real question is this - has anyone reverse engineered the keystroke logging programs to transmit false information? Knowing that big brother is watching is the first step in misleading the goons. It wouldn't be hard to do - just send a few false leads about a fake Tibetan Independence demonstration on the outskirts of Lhasa, and when the PLA garrison mobilizes to break things up, hold a big prison break from Drapchi Prison.

    Of course, whoever's keystrokes were monitored would probably get blamed. But, if they were at the "demonstration" without anything too inflammatory, how much more trouble would they really be in?

This topic is closed for new posts.