As they packed their briefcases for the Christmas break, Members of Parliament (MPs) in London were unaware they had been the targets of one of the most audacious hacking attempts ever mounted, as the world's oldest modern democracy came under a sustained attack aimed at stealing sensitive information. It was launched by cyber criminals almost certainly operating in China.
The hi-tech industrial espionage involved a series of innocuous-looking e-mails targeted at secretaries, researchers, parliamentary staff and even MPs themselves. Each one was specifically tailored to the individual who would receive it.
Once opened, these e-mails tried to download sophisticated spyware that hunts through the recipient's computer and network for potentially valuable documents, which would be automatically sent back to the hackers without the user's knowledge.
The attack, which took place earlier in 2005, was thwarted by the parliament's sophisticated internet security system; no sensitive data is thought to have been lost.
Instead, the House of Commons' IT security staff immediately alerted the UK's National Infrastructure Security Co-ordination Centre (NISCC), a powerful organization linked to UK counter- intelligence (MI5) that is responsible for protecting the UK's critical information systems. Security experts set up an exercise to monitor the attacks, and immediately realized the hackers were well resourced.
"These were not normal hackers," said a source close to the NISCC. "The degree of sophistication was extremely high. They were very clever programmers."
According to research by US investigators, the hackers are thought to have been based in Guangdong Province in southern China. UK and US security experts believe the hackers are working with the tacit approval -- or possibly even direct support -- of authorities in China and are attempting to acquire Western technology in a massive hit and run raid on the world's intellectual property to aid their booming economic growth.
The attack on the House of Commons may be the most eye-catching attack from Chinese-based hackers, but is certainly not unique.
According to a spokesman for MessageLabs, the company responsible for filtering malicious e-mail from government networks, similar spy emails -- called `targeted Trojans' -- were noticed about 18 months ago.
"There were not very many, maybe one every two months, but now they are coming in at the rate of one to two a week," said Maksym Schipka, MessageLab's senior anti-virus researcher.
Last June, the UK government sent out a warning in which Roger Cummings, the head of NISCC, spoke about the threat of attacks from far eastern gangs on the UK critical national infrastructure (CNI) -- the key network of transport, energy, financial, telecommunication and government organizations. At the end of November, Cummings warned that targeted Trojans from foreign powers were a significant threat.
In mid-December, the British Cabinet Office -- which has overall responsibility for UK ministries -- joined in the chorus at a conference at Glamorgan University. Senior civil servant Harvey Mattison, the head of accreditation for the Cabinet Office's Central Sponsor of Information Assurance, the unit responsible for protecting communications between government departments, gave a keynote address on the threat from the far east. "We were given the impression it was coming from one ISP in Guangdong," said a delegate.
Mattison declined to comment except to say that his address was based on details from the NISCC alert.
The UK is not the only country targeted. Key parts of the US have been targeted by far eastern hackers for up to five years. Some of the attacks -- codenamed Titan Rain -- have been traced to just 20 workstations and three routers in Guangdong.
Alan Paller, head of the Sans Institute, the US's top computer crime fighting organization, has stated categorically that the attacks emanate from China. He points to attacks in November 2004, during which hackers grabbed thousands of sensitive documents.
"Of course it's the [Chinese] government [that receives this information]. Governments will pay anything for control of other governments' computers," Paller said.
Other clues -- such as the focus on economic espionage -- suggest the attacks are not the work of run-of-the-mill hackers.
Privately, UK civil servants familiar with NISCC's investigation agree that the attacks on the UK and US are coming from China. This almost certainly means some state sanction or involvement -- perhaps even a "shopping list" of requirements.
Some of the attacks have been aimed at parts of the UK government dealing with human rights issues -- "a very odd target", according to one UK security source.
Meanwhile, the Sans Institute has raised the idea that the Titan Rain attacks might even have a military origin. For example, in the two-and-a-half years of investigation, the hackers never made a mistake.
Intriguingly, the Pentagon in its annual report of the military power of the People's Republic of China, published last year, noted the development of computer attack systems by China's military.
FRAUD ALLEGED: The leader of an opposition alliance made allegations of electoral irregularities and called for a protest in Tirana as European leaders are to meet Albanian Prime Minister Edi Rama’s Socialist Party scored a large victory in parliamentary elections, securing him his fourth term, official results showed late on Tuesday. The Socialist Party won 52.1 percent of the vote on Sunday compared with 34.2 percent for an alliance of opposition parties led by his main rival Sali Berisha, according to results released by the Albanian Central Election Commission. Diaspora votes have yet to be counted, but according to initial results, Rama was also leading there. According to projections, the Socialist Party could have more lawmakers than in 2021 elections. At the time, it won 74 seats in the
A Croatian town has come up with a novel solution to solve the issue of working parents when there are no public childcare spaces available: pay grandparents to do it. Samobor, near the capital, Zagreb, has become the first in the country to run a “Grandmother-Grandfather Service,” which pays 360 euros (US$400) a month per child. The scheme allows grandparents to top up their pension, but the authorities also hope it will boost family ties and tackle social isolation as the population ages. “The benefits are multiple,” Samobor Mayor Petra Skrobot told reporters. “Pensions are rather low and for parents it is sometimes
CONTROVERSY: During the performance of Israel’s entrant Yuval Raphael’s song ‘New Day Will Rise,’ loud whistles were heard and two people tried to get on stage Austria’s JJ yesterday won the Eurovision Song Contest, with his operatic song Wasted Love triumphing at the world’s biggest live music television event. After votes from national juries around Europe and viewers from across the continent and beyond, JJ gave Austria its first victory since bearded drag performer Conchita Wurst’s 2014 triumph. After the nail-biting drama as the votes were revealed running into yesterday morning, Austria finished with 436 points, ahead of Israel — whose participation drew protests — on 357 and Estonia on 356. “Thank you to you, Europe, for making my dreams come true,” 24-year-old countertenor JJ, whose
CANCER: Jose Mujica earned the moniker ‘world’s poorest president’ for giving away much of his salary and living a simple life on his farm, with his wife and dog Tributes poured in on Tuesday from across Latin America following the death of former Uruguayan president Jose “Pepe” Mujica, an ex-guerrilla fighter revered by the left for his humility and progressive politics. He was 89. Mujica, who spent a dozen years behind bars for revolutionary activity, lost his battle against cancer after announcing in January that the disease had spread and he would stop treatment. “With deep sorrow, we announce the passing of our comrade Pepe Mujica. President, activist, guide and leader. We will miss you greatly, old friend,” Uruguayan President Yamandu Orsi wrote on X. “Pepe, eternal,” a cyclist shouted out minutes later,
RSS