Posted by Avik Sarkar
On 12/13/2013 01:23:00 am
Researchers At FireEye Found -Chinese Hackers Snitching Europeans Before G20 Summit
Story of cyber espionage by Chinese hackers used
to remain one of most highest pick of breakneck. Yet again
another breathtaking issue of eavesdropping by Chinese hackers
get spot light, when California-based renounced computer
security firm FireEye Inc have figured out that a group of Chinese hackers eavesdropped on the computers of five European foreign ministries
before last September's G20 Summit, which was dominated by the Syrian crisis.
From the detailed analysis we came to know that the hackers
have infiltrated the ministries' computer networks by sending emails to
staff containing tainted files with titles such as
"US_military_options_in_Syria," which sells virus fighting technology
to companies. Whenever the targeted recipients opened those documents,
they loaded malicious code on to their personal computers. Researchers of
FireEye said that they were able to monitor the "inner workings"
of the main computer server used by the hackers to conduct their reconnaissance
and move across compromised systems for about a week in the late August. But
suddenly they lost access to the hackers after they moved to another server
shortly before the G20 Summit in St. Petersburg, Russia.
Though the company has
declined in open press to identify the nations whose ministries were hacked,
although it said they were all members of the European Union. But FireEye
informed the FBI about the whole issue in details. FireEye also confirmed
that the hackers where from China, but they did not find evidence which may
link those hackers to the Chinese government. Not surprisingly and obviously
like earlier the Chinese government has distanced itself from any claim that it
might have hacked foreign governments for data. FireEye also successfully
monitor several dozen hacking groups operating in China, most of which they
suspect of having ties to the government. The firms also suspect the hacking
groups of stealing intellectual property for commercial gain.
The researchers had
been following the hackers behind the Syria-related attack for several years,
but this is the first time the group's activities have been publicly
documented. The company calls the group "Ke3chang," after the name of
one of the files it uses in one of its pieces of malicious software. "The
theme of the attacks was U.S. military intervention in Syria," said
FireEye researcher Nart Villeneuv.
On
reaction Chinese Foreign Ministry spokesman Hong Lei said- "U.S.
internet companies are keen on hyping up the so-called hacker threat from
China, but they never obtain irrefutable proof, and what so-called evidence
they do get is widely doubted by experts. This is neither professional nor
responsible,"
While
talking in this story of Chinese eavesdropping, I also want to dig some
points from decent parts where we all became very habituated of seeing Europe
& U.S. countries blaming China for engaging cyber attacks; and China also
do the same for accusing U.S. like vice versa. I am reviving your memories
of last few years where If you look at the
story of major cyber attacks of this year we will find that the name of China
has been involved several times for engaging cyber attacks
against several high profile websites and organization of U.S.
including New
York Times, Twitter, NBC and
so on. And if you refresh our memory then then we will find
the scenario of big cyber attack and espionage by Chinese
hackers have been spotted
several times. In 2012 Chinese hackers had breached Telvent's corporate network &
gained control of US
Power Grid. Also in the middle of last year, we have seen that Chinese
hackers have broken into Indian Navy's Computer System & stolen
sensitive data. Few months before this hack, Tokyo based
computer security firm Trend Micro confirmed that Chinese hackers were responsible
for biggest cyber-espionage in India, Japan & Tibet.
Also the director of National
Security Agency (NSA) General Keith Alexander confirmed that
hackers from China was responsible for the serious attack on one of the leading
IT security & cyber security company RSA. Also
in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on. But few days
ago National Computer Network Emergency Response Coordination Center of China
(CNCERT/CC), China's primary computer security monitoring network claimed that
China fallen victim of one of biggest cyber attacks originated from US, Japan
& South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator
have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea
more than 13 Million of MapleStory players data has been
stolen, there also hackers from China was responsible.
Before I conclude, I request you to closely look at the above mentioned stories, you will find China majorly responsible for eavesdropping & security breach. On the same side China also been effected by the same way. So in conclusion, we cant put a full stop in this chain of cyber attacks, hacking & eavesdropping, as it comes from both end. So this exciting episode will be continued like it does. If you want to stay updated then don't forget to stay tuned with VOGH.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 3/15/2013 12:49:00 am
White House Calls China to Stop Hacking & Cyber Espionage Against U.S.
The story of
cyber espionage by
Chinese hackers used to remain on the spot light due to its consistency, but now the situation get nasty and takes a new way as the national security adviser of
U.S. President Obama directly pointed his finger to
China. Many of our readers might take this issue lightly as earlier China has been blamed for engaging
cyber attacks against different countries for many times. But this time there is a twist as the U.S. government vows to take the issue in a very serious manner. In his speech the national security advisory
Tom Donilon said that
"The international community cannot afford to tolerate such activity from any country," Like earlier China has denied any type of involvement and condemned the report for lack of hard evidence. But this time such reaction will not at all be entertained as the president said in the State of the Union,
"we will take action to protect our economy against cyberthreats." The above two statements can be taken in both friendly warning or also in a serious threat.
The White House already warned China to end the campaign of cyber espionage against U.S. companies, saying in its toughest language yet on the issue that the hacking activity threatens to derail efforts to build stronger ties between the two countries.
Donilon did not directly accuse the Chinese government of launching the attacks on U.S. computer systems, only noting that the attacks are coming from inside the country. "Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale," he said. Another important message came from the Obama administration saying United States “will not accept North Korea as a nuclear state” and called on Chinese leaders to get serious about cracking down on cyber-related crimes.
While covering this story we would like to remind you that couple of weeks ago Chinese officials issued a
same complain against United States where they blamed U.S. for engaging massive
cyber attacks against Chinese
military and defense system. If you look at the story of major cyber attacks of last few days we will find that the name of China has been involved
several times for engaging cyber attacks against several high profile websites and organization of U.S. including New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on. But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible.
-Source (The Hill, Cnet & WT)
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 3/04/2013 08:31:00 pm
China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers
We all are very much familiar of hearing the story of cyber
espionage and
cyber attacks originated from
China by
Chinese hackers. Where many countries across the globe have fallen victim like U.S.
India,
Japan,
South Korea, many
European countries and many more. But today a complete reverse story came under light where the Chinese government are claiming that several top secrete government sites like
defense, army, military were targeted and hit by
hackers from United States. According to some
classified sources it came that Chinese government websites are routinely hacked from IP addresses originating within the United States. In a news conference, spokesman of Defense Ministry of China;
Mr. Geng Yansheng said that -
more than 144,000 hacking attempts per month are targeted at the China Military Online and Defense Ministry websites. According to Chinese defense ministry a close to two-thirds of those attacks (62.9 percent) originated in the United States. Geng said
he had noted reports that the United States planned to expand its cyber-warfare capability but that they were unhelpful to increasing international cooperation towards fighting hacking.
"We hope that the U.S. side can explain and clarify this." The U.S. security company, Mandiant, identified the People's Liberation Army's
Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries. Yansheng did not mention a direct link between the cyber attacks and the U.S. government only that the attacks originated in the United States. He did note, however, that China is concerned with reports that the United States is planning to expand its cyber warfare capabilities.
In the last month China was blamed for engaging cyber attacks against several high profile websites and organization of U.S. including
New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on. But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible.
After keeping in mind all the above facts, we can not conclude the matter very easily, but what we can say that, whether China is responsible or not is neither been proved so far. In spite of looking at the situation we can only say, the entire matter is foggy; where the original truth has either been manipulated or been still untold. But it is sure that those untold or manipulated issues will some day came in front, till that time we have to keep patience and don't forget to stay tuned with VOGH for all kind of cyber related topics and expert reviews.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 2/03/2013 01:54:00 am
Chinese Hackers Breached New York Times & Stolen Employee's Password
Yet again the story of
cyber espionage by
Chinese hackers spotted in the wild, when the famous and one of the most popular American news daily
reported that their system has been compromised by a round of sophisticated
cyber attack generated from
China. After the
hack of
White House unclassified network, it is the
second time in last six month; when Chinese hackers have targeted the American
cyber space.
The New York Times has reported that for the
last four months Chinese hackers have been infiltrating its networks, broken into the email accounts of senior staff, stolen the corporate passwords for every Times employee and used those to gain access to the personal computers of more than 50 employees.
According to a
blog post of NYT - The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings. Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing.
“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Jill Abramson, executive editor of The Times. The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.
Cyber Espionage of China (2011-2012) at a Glance:-
While talking about this cyber attack, we would like to refresh your memory last two years, where the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on. But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible.
All those above stories it has been clearly identified that China was the point of those said attacks, but it doesn't necessarily prove that it the operation is backed by the Chinese government or intelligence services. It could just as easily be a patriotic group of skilled, independent Chinese hackers upset with how the Western media is portraying their country's rulers. For all kind of cyber related topics and expert reviews on those matters just stay tuned with only VOGH.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 10/03/2012 04:37:00 am
White House Unclassified Network Hacked By Chinese Hackers Using Spear Phishing
Another cyber espionage generated from China targeted the White House. U.S. government computers reportedly including systems used by the military for nuclear commands were breached by Chinese hackers. The White House it self confirmed the breach, while saying that hackers indeed made an attempt to infiltrate its computer system, but says it thwarted the effort and that no classified networks were threatened. Also the security breach did not appear to have stolen any data. White House spokesman Jay Carney told reporters the White House is equipped with mitigation measures that identified the attack, isolated it and prevented its spread. He said there was no indication that any data was removed. “There are distinctions between those networks that contain classified information and those that don’t, and the attack was against an unclassified network,” Carney said.
The hackers breached the network by using a technique known as spear phishing, in which they target victims who have access to sensitive computer networks by sending personalized emails that appear to come from trusted sources. Once the victims click on the bogus attachment or link, the hackers can install malicious software on the PCs to spy on users and steal data. A law enforcement official who works with members of the White House Military Office confirmed the Chinese attack to press on Monday, but it remains unclear what information, if any, was taken or left behind. But still The White House officially did not say whether the recent attack was linked to China or not.
"This [White House Communications Agency] guy opened an email he wasn't supposed to open," the source said. That email contained a spear phishing attack from a computer server in China, the law enforcement source told the press. The attack was first reported by the conservative blog Free Beacon. Spear phishing involves the use of messages disguised to appear as valid; in fact, they contain targeted, malicious attempts to access sensitive or confidential information.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 9/30/2012 03:12:00 am
Chinese Hackers Breached Telvent's Corporate Network & Gained Control of US Power Grid
Telvent - the maker of
power-grid control systems and smart meters and whose software and services remotely administers and monitor large sections of the
US energy industry has began warning its customers about a
sophisticated hacker attack originated from
China. Telvent, a division of Schneider Electric, has admitted
hackers breached its corporate network, implanted malicious software and lifted sensitive project files. The raid spanned Telvent systems in the US, Canada and Spain, according to a letter sent to the company's customers this month. Criminals can now study the documents for vulnerabilities in the systems, and potentially devise attacks to sabotage nations' electricity distribution networks. It looks like the hackers managed to get past the company firewall and security systems. In letters sent to customers last week, Telvent Canada said the attack happened on
September the 10th.
The attackers installed malicious software and stole project files related to one of its core offerings — OASyS SCADA — a product that helps energy firms mesh older IT assets with more advanced “smart grid” technologies. The company said it was disconnecting the usual data links between clients and affected portions of its internal networks. Meanwhile it is looking for virus or malware files. Telvent has cut data links between at-risk portions of its internal network and clients' systems as a precaution while it probes the breach. Police have been called in to investigate the attack.
In a report
The Register said -Dale Peterson, founder and chief of industrial control security
specialist Digital Bond, spelled out the kinds of information present in
the lifted documents. "Some project files contain the 'recipe' for the operations of a
customer, describing calculations and frequencies at which systems run
or when they should be turned on or off," He told press. "If you're going to do a sophisticated attack, you get the project
file and study it and decide how you want to modify the pieces of the
operation. Then you modify the project file and load it [onto a
company's control system], and they're not running what they think
they're running."
While talking about
US power grid, we would like to remind you that, earlier researcher have warned about several
security holes in power which could even allow an attacker to shutdown the entire system. Soon after this story made public,
National Security Agency (NSA) suspected that hacktivist
Anonymous may
target the Entire U.S. Power Grid. What ever such massacre did not happen, and Anon said they are not interested to hit power industry.
Chinese Hackers Behind Some Biggest Cyber Espionage:-
The above phenomena are clearly indicating that hackers from China was directly linked and responsible for all those biggest cyber espionage. Still it is not clear that whether these cyber criminals are supported by the Govt. or not!!
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 7/30/2012 01:52:00 am
KT Corp. -South Korea's No. 2 Wireless Service Provider Hacked, 8.7 Million Subscriber Effected
Yet again South Korea became victim of cyber-attack. Few days ago hacker collective Anonymous attacked Australian internet service provider named AAPT and stolen 40GB user data. After AAPT another service provide named 'KT Corp.' which is the second largest wireless service provider in South Korea became victim to cyber-criminals. Authority of KT Corp apologized after personal data of millions of mobile phone subscribers was hacked. "We deeply apologize for worrying you," KT said in a statement. The company said it had blocked any further illegal access to data. The hacking began in February this year.
It is the latest in a string of large-scale personal information hacking cases in one of the world's most wired countries. Police said two computer programmers had been arrested for hacking personal data of about 8.7 million KT subscribers. KT claims a mobile service subscription membership of 16 million. Police were also investigating seven others suspected of having purchased and used the hacked KT data, which included names, resident registration numbers and phone numbers. We would like to remind you that last year another massive cyberattack generated from China stolen personal details of more than 13 Million of MapleStory players. After that hack this one is the second largest attack which infected millions of South Korean people.
In the last few months there have been a slew of attacks against the following sites: Yahoo, LinkedIn,eHarmony, Android Forums, Formspring, Nvidia and Gamigo which infected total of almost 50 Millions of users world wide. This hack on KT corporation again establishing that security experts are far behind from cyber-criminals. Stay tuned with VOGH for all the latest information and updates on cyber-security & hacking news.
-Source (Reuters)
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 7/06/2012 07:07:00 pm
VOGH Exclusive:- Chinese Hackers Broke Into Indian Navy's Computer System & Stolen Sensitive Data
Again cyber criminals from China targeted Indian cyber fence. This time Indian Navy have fallen victim of this cyber espionage. According to sources hackers have broken into sensitive naval computer systems in and around Visakhapatnam, the headquarters of the Eastern Naval Command, and planted malware that relayed confidential data to IP addresses in China. There is, to date, nothing known about the data thieves. Primary investigation revealed that the classified data has been leaked and that the breach may have occurred as a result of the use of USB flash storage on important systems. The Navy and other armed forces store sensitive data on standalone systems, unconnected to the internet and supposedly with no free USB ports where a flash drive could be plugged in.
The malware is reported to have created a hidden folder on the USB flash drives. When the drive was plugged into a Navy system, the malware searched for files based on particular key words it had been configured to look for. These files were then copied to the flash drive where they would remain hidden. When the drive was plugged into a system which was connected to the internet, the malware would then begin to transfer the files to a specific IP address. The extent of the loss is still being ascertained, and officials said it was “premature at this stage” to comment on the sensitivity of the compromised data. But the Navy has completed a Board of Inquiry (BoI) which is believed to have indicted at least six mid-level officers for procedural lapses that led to the security breach. Navy official also said: “An inquiry has been convened and findings of the report are awaited. It needs to be mentioned that there is a constant threat in the cyber domain from inimical hack ers worldwide.”
The above phenomena are clearly indicating that hackers from China was directly linked and responsible for all those biggest cyber espionage. Still it is not clear that whether these cyber criminals are supported by the Govt. or not!!
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
