http://www.computerweekly.com/Articles/2006/11/21/220089/Foreign+intelligence+agents+hacking+UK+businesses%2c+government.htm By Bill Goodwin 21 November 2006 Senior government officials have warned businesses that foreign intelligence services are using sophisticated electronic attacks to steal sensitive financial and technological secrets from their IT systems. Overseas intelligence agencies engaged in economic espionage are targeting UK firms for technical information and details of contract bids from major firms, they said. The attacks are thought to originate from countries including China, North Korea and former Soviet states. The National Infrastructure Security Co-ordination Centre (NISCC) said the attacks have increased over the past 12 months. "The scale of these attacks requires a processing capability which suggests this is not a cottage industry. There is no sector of the critical national infrastructure that we have not seen targeted. If all of those attacks were successful, we are talking about huge amounts of information being accessed," said NISCC director Roger Cumming. "In a lot of cases the attacks aim to provide the parties with a technological advantage, and to gain access to scientific and technical information. In some cases there have been attacks against government." Government security officials believe that overseas intelligence agencies are investing significant resources in identifying people in an organisation who have access to the data they want. They use social engineering techniques to trick staff into opening e-mails or plugging in USB memory sticks to infect computers with hacking tools, the NISCC said. The attacks make use of unrecorded vulnerabilities, known as zero-day attacks, which evade anti-virus and anti-spyware systems. Intelligence officials have identified attacks against critical businesses by monitoring news reports for information that has been leaked about firms and matching the leaks against computer security logs. The NISCC has held behind the scenes talks with business groups about the attacks, which in the past have been mistakenly attributed to organised criminal groups. It is urging them to update their risk management strategies to reflect the risks posed by well-funded overseas intelligence services. "Understanding what is important in your organisation is crucial. Remember, these are not random attacks. They are going after information that is important to them," said Cumming. Allan Paller, director of US security advisory organisation the Sans Institute, said evidence from the US showed that foreign intelligence services had penetrated US government computer systems. He advised businesses to respond to threats by carrying out mock phishing attacks within their organisations to educate staff. An exercise by New York State found that 80% of staff fell for the e-mails, but this was cut by half when the exercise was repeated, he said. The NISCC, which monitors the security of firms responsible for critical services, such as energy and transport, has appealed to businesses in other sectors that are attacked to report it. All reports will be treated as confidential, it said. _________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Tue Nov 21 2006 - 23:20:19 PST