Massive global cyberattack hits US hard: Who could have done it?
Cybersecurity firm McAfee says it infiltrated a 'command and control' server with detailed logs of five years of cyberattacks against targets ranging from the US government to the World Anti-Doping Agency. McAfee suggests a country was behind it. Experts suspect China.
(Page 3 of 3)
The attacks uncovered by McAfee fit the pattern of other attacks attributed to Chinese hackers. Among the best documented came in March 2009 when Canadian researchers identified 1,295 computers in 103 countries infected by spyware and operated by a “GhostNet” or network of computers. Unlike many viruses that infect randomly, the compromised computers of GhostNet belonged to high-value targets like embassies and nongovernmental organizations. Their common thread was the foreign policy concerns of China, the report found.Skip to next paragraph
Subscribe Today to the Monitor
In January 2010, Google reported that it and dozens of other companies had been victims of a hack it attributed to China. In February this year, McAfee reported that several multinational oil companies were victims of cyberespionage by Chinese hackers who downloaded sensitive data from their corporate networks, including the companies’ crown jewels – “bid data” detailing oil discoveries worldwide. In that case, McAfee fingered Chinese hackers as the likely culprits working on behalf of the government.
“We have strong evidence suggesting that the attackers were based in China,” McAfee's George Kurtz wrote in his blog at the time. “The tools, techniques, and network activities used in these attacks originate primarily in China. These tools are widely available on the Chinese Web forums and tend to be used extensively by Chinese hacker groups.”
In that report, McAfee did not identify the names of oil companies involved although other news organizations, including the Wall Street Journal, later reported the names of the five oil companies hit by the attacks.
That McAfee finding closely paralleled a January 2010 Monitor report that found cyberespionage attacks attributable to China had infiltrated computer networks belonging to at least three global oil giants – Marathon Oil, ExxonMobil, and ConocoPhillips. None of them realized the extent of the attacks that hit them in 2008 until the FBI alerted them that year and in early 2009, the Monitor reported at the time.
“Hacking is an international problem and China is also a victim,” Mr. Wang said in an e-mailed comment. “As a responsible player in cyberspace, China strongly supports international cooperation in cracking down on unlawful activities. The claims of so-called Chinese state support for hacking are completely fictitious, and arbitrarily blaming misdeeds on China is irresponsible and unacceptable.”