Forwarded from: Travis Good <tgoodat_private> http://www.taipeitimes.com/News/front/archives/2003/09/04/2003066387 By Ko Shu-ling STAFF REPORTER Thursday, Sep 04, 2003, China has launched a systematic information warfare campaign against Taiwan, spreading Trojan-horse programs into private companies' computers as a means to break into government databases, the Cabinet said yesterday. "National intelligence has indicated that an army of hackers based in China's Hubei and Fujian provinces has successfully spread 23 different Trojan horse programs to the networks 10 private high-tech companies here to use them as a springboard to break into at least 30 different government agencies and 50 private companies," Cabinet Spokesman Lin Chia-lung (ªL¨ÎÀs) said yesterday. The government agencies invaded by the Trojan-horse programs include the National Police Administration, the Ministry of National Defense, the Central Election Commission and the Central Bank of China. To minimize the damage, Premier Yu Shyi-kun yesterday instructed all central government agencies to scrutinize their computer systems and report to the authorities within two days. Those failing or refusing to comply with the order may face punishment. Yu made the remark yesterday morning during the weekly closed-door Cabinet meeting, in which Minister without Portfolio Tsai Ching-yen (½²²M«Û) briefed Yu on the matter. "Trojan-horse attacks are one of the most serious threats to computer security," Tsai said. "A computer user may have not only been attacked but may also be attacking others unknowingly." Because of the vast popularity and many weaknesses of the Windows operating system, most of the damage is done to Windows users, Tsai said. Although the National Information Task Force has warned government agencies to be on alert, Tsai said, some agencies have failed to take the warning seriously. "They either delayed reporting to authorities or tried to solve the problem themselves. It not only stalled our response efforts but also made the situation worse," Tsai said. Since it appears no government information has been stolen, Tsai said, the deployment of the program is likely aimed at paralyzing the nation's computer systems. "Of course there are other possibilities such as stealing sensitive government information in vast sums or preparing computers for future information warfare," he said. To help government agencies invaded by the program clean up the mess, Tsai said the National Information Security Committee plans to complete the programming of the anti-Trojan-horse software today. "We'll also post the solution manual on the Internet for the convenience of other countries facing the same problem," Tsai said, adding that Taiwan is the first country to have detected the program. Lee Hsiang-chen (§õ¬Û¦Ú), captain of the National Police Administration's Criminal Investigation Bureau, said the situation has been monitored 24 hours a day over the past two months. "We're glad that it has been detected before any damage was done," Lee said. "If there's any lesson from this experience, it is not to use software developed in China or hire Chinese computer programmers, because you're running the risk of having the software you use implanted with the Trojan-horse program," he said. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Sep 08 2003 - 01:06:15 PDT