[ISN] Titan Rain - how Chinese hackers targeted Whitehall

From: InfoSec News (alerts@private)
Date: Tue Sep 04 2007 - 22:08:00 PDT


http://www.guardian.co.uk/technology/2007/sep/04/news.internet

By Richard Norton-Taylor
The Guardian
September 5 2007

Chinese hackers, some believed to be from the People's Liberation Army, 
have been attacking the computer networks of British government 
departments, the Guardian has learned.

The attackers have hit the network at the Foreign Office as well as 
those in other key departments, according to Whitehall officials.

The Ministry of Defence declined yesterday to say whether it had been 
hit. An incident last year that shut down part of the House of Commons 
computer system, initially believed to be by an individual, was 
discovered to be the work of an organised Chinese hacking group, 
officials said.

Security and defence officials are coy about what they know of specific 
attacks. However, they say several Whitehall departments have fallen 
victim to China's cyberwarriors. One expert described it as a "constant 
ongoing problem".

The disclosures came after reports that the Chinese military had hacked 
into a Pentagon military computer network in June. The Financial Times 
said American officials called it the most successful cyber attack on 
the US defence department.

Defence department officials confirmed that there had been a "detected 
penetration" of elements of the email system used by the network serving 
the office of Robert Gates, the US defence secretary. US officials were 
reported to have said that an investigation had discovered that the 
People's Liberation Army (PLA) was responsible.

The US gave the codename "Titan Rain" to the growing number of Chinese 
attacks, notably directed at the Pentagon but also hitting other US 
government departments, over the past few years.

The latest attack caused some minor administrative disruptions, but 
there had been no adverse impact on operations, an official said.

Angela Merkel, Germany's chancellor, is reported to have raised the 
issue of Chinese attacks on her government's computers during a visit to 
Beijing. Officials here declined to say whether the British government 
had raised the issue with the Chinese authorities.

Alex Neill, China expert and head of the Asia Security Programme at the 
Royal United Services Institute, Rusi, said cyber attacks by the Chinese 
had been going on for at least four years. He described the reported 
attack on the Pentagon as the "most flagrant and brazen to date".

He said such attacks reflected a new doctrine of the PLA described as 
"pressure point warfare" - the attacking of specific nodes to leave the 
adversary paralysed.

The incidents should be seen against the background of the forthcoming 
17th Chinese Communist party congress, which could determine the next 
generation of leaders, and the PLA keen to flex its muscles, Mr Neill 
suggested.

The attacks on the Pentagon's computer system were described by Dr 
Sandra Bell, head of Rusi's homeland security department, as "very much 
a wake-up call". She added: "The Chinese see no difference between 
asymmetric warfare and conventional warfare".

Analysts have argued over the seriousness of the attacks, and China has 
officially denied responsibility. However, the latest attack was said by 
officials and analysts yesterday to be the most serious discovered so 
far.

Responsibility for advising government departments on how to protect 
their networks rests with MI5, GCHQ, and the Centre for the Protection 
of the National Infrastructure in the Cabinet Office.


____________________________________
Attend HITBSecConf2007 - Malaysia 
Taking place September 3-6 2007 featuring seven tracks of technical 
training and a dual-track security conference with keynote speakers 
Lance Spitzner and Mikko Hypponen!  -  Book your seats today! 
http://conference.hitb.org/hitbsecconf2007kl/



This archive was generated by hypermail 2.1.3 : Tue Sep 04 2007 - 22:29:53 PDT