Mon, Jul 17, 2006 - Page 3 News List

Legislature rattled by `PLA' hacker attack

INFILTRATION An investigation bureau source said Fujian-based hackers had attacked computers in the offices of several legislators, but others denied that this was the case

By Shih Hsiu-chuan  /  STAFF REPORTER

A note on a piece of paper indicating that China-based hackers, presumed to belong to a special unit under China's People's Liberation Army (PLA), had broken into the legislature's computer system, has rattled cyber security personnel over the past two weeks.

Some legislative assistants said they received the note from the Ministry of Justice's Investigation Bureau (MJIB) on July 6, but the bureau refused to confirm that it had sent the note.

Security concerns

According to the note, a backdoor program installed on 24 different computers in the offices of legislators from across party lines -- including one used by Legislative Speaker Wang Jin-pyng's (王金平) assistant -- could lead to a breach of confidential information.

"We have located the hackers and discovered that they were PLA officials based in Fujian Province," an anonymous source from the bureau was quoted by Lin Hong-chan (林宏展), a legislator's assistant, as saying.

An official with the MJIB's Computer Crime Prevention Center, who asked not to be named, told the Taipei Times in a telephone interview that the agency was aware of the situation and had warned some legislators of the attack.

Tracing the attack

Lin said the problem came to light because the MJIB found that some e-mails dispatched from a relay station based in the US had been sent in the name of Taiwan's legislators.

"They [MJIB special agents] traced the origin of those e-mails and found out it was Fujian-based hackers who had used a specially designed attack Web site to install a Trojan horse program on legislators' office computers," Lin said.

The note said that computers used in the offices of Chinese Nationalist Party (KMT) Legislator Su Chi (蘇起), Democratic Progressive Party (DPP) Legislator Chen Chin-jun (陳景峻), Taiwan Solidarity Union (TSU) Legislator Yin Ling-ying (尹玲瑛) and 12 other legislators had all been infected with a Trojan horse.

The Trojan horse program also entered some computers in the offices of the DPP and TSU legislative caucuses, according to the note.

Lee Ming-yueh (李明岳), Chen Chin-jun's assistant, said further discussion was warranted regarding why the computers had been targeted.

"Two computers out of six in our office were attacked. One was for keeping the legislator's schedule and the other was for receiving and sending all documents," he said.

He added: "The computer that was attacked in the [DPP] caucus office was used by an assistant who is in charge of gathering all information and reporting to the head of the caucus."

Inside help?

Lee's concern led to a presumption that the attack was not launched by Chinese hackers alone. Rather, the hackers had possibly collaborated with legislative staff.

"We haven't ruled out that there might be internal personnel involved in the matter, but we don't know this for sure at the moment," said Chen Hsi-yang (陳熙揚), director of the Information and Technology Department at the legislature.

Chen Shi-yang said that the legislature has set up firewalls, which can prevent the Chinese hackers from getting inside its computers.

"We installed a virus scanner for e-mails coming in and out of the legislature. Also, we used Dynamic Host Configuration Protocol [DHCP] to dynamically allocate IP addresses, meaning that there is no way that outside hackers can know any single IP address belonging to the legislature's computers and select their targets," he said.

This story has been viewed 5798 times.

Comments will be moderated. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned.

TOP top