Simply Security - News, Views, and Opinions from Trend Micro

Posted on February 8th, 2012 in Government Policy by Simply Security | Be the first to comment | Tags: Current News

A prolonged attack against the U.S. Chamber of Commerce was recently revealed.

It was recently revealed that the U.S. Chamber of Commerce, the nation’s top organization for business lobbying, suffered a prolonged cyberattack at the hands of Chinese hackers that lasted as long as six months.

First reported by the Wall Street Journal, it was initially uncovered in May 2010. The newspaper stated that the widespread and sophisticated attack involved more than 300 Internet addresses and provided cybercriminals with access to all of the information contained on the Chamber of Commerce’s networks.

Shortly after its discovery through Internet security measures, the attack was shut down and quietly dealt with by the national organization. The newspaper called the incident “one of the boldest known infiltrations” of a U.S. organization.

“The Chamber moved to shut down the hacking operation by unplugging and destroying some computers and overhauling its security system,” according to the Wall Street Journal. “The security revamp was timed for a 36-hour period over one weekend when the hackers, who kept regular working hours, were expected to be off duty.”

Even more than a year later, it remains unclear exactly what information was viewed by or stolen by the hackers or even their affiliation. Citing an anonymous source close to the Chamber of Commerce, the Journal reported that the group has known ties to the Chinese government. Such allegations were refuted by both the Chinese Embassy and the Asian superpower’s Foreign Ministry.

Ties between China and the U.S. are already strained, and a revelation as serious as this data security incident won’t do much in the way in building the relationship.

Already last month, it was revealed that a U.S. intelligence report pegged China as the country most responsible for cyber theft and economic espionage. That was announced as part of a study from the National Counterintelligence Executive, which handles the U.S. government’s responses to foreign spying.

It said that hackers stationed in China and Russia are constantly after secrets pertaining to American technology and industry. As a result, nearly $400 billion in U.S. research spending has been jeopardized, according to the report.

“The nations of China and Russia, through their intelligence services and through their corporations, are attacking our research and development,” U.S. National Counterintelligence Executive Robert Bryant said, upon unveiling his office’s report. “If we build their economies on our information, I don’t think that’s right.”

In the case of the Chamber of Commerce incident, it was discovered that attacks were focused on four employees who worked on the organization’s Asia policy. An investigation revealed that six weeks of the employees’ emails had been stolen by the hackers.

Beyond that, however, the full extent of the damage done against the Chamber has been difficult to assess, according to the Wall Street Journal. However, it’s become obvious that whomever was responsible knew exactly what they were after and whom should be targeted to gain access to the appropriate infromation.

“What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence,” the Chamber’s chief operating officer David Chavern said.

Shortly after the U.S. intelligence report was released in November, members of the Chinese government fired back against its claims, calling it “irresponsible” for pegging the majority of cyber espionage on China and Russia. According to Reuters, Chinese Foreign Ministry spokesman Hong Lei said such accusations are difficult to prove given the anonymity that is the norm in cyberspace.

Security News from SimplySecurity.com by Trend Micro