[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] Computer System Under Attack: Commerce Department Targeted; Hackers Traced to China

To: "Infowar.de" <infowar - de -! - infopeace - de>
Subject: [infowar.de] Computer System Under Attack: Commerce Department Targeted; Hackers Traced to China
From: Ralf Bendrath <bendrath -! - zedat - fu-berlin - de>
Date: Sat, 07 Oct 2006 05:36:06 +0200
Mailing-list: contact infowar - de-help -! - infopeace - de; run by ezmlm

http://www.washingtonpost.com/wp-dyn/content/article/2006/10/05/AR2006100501781_pf.html

Computer System Under Attack
Commerce Department Targeted; Hackers Traced to China

By Alan Sipress
Washington Post Staff Writer
Friday, October 6, 2006; A21

Hackers operating through Chinese Internet servers have launched adebilitating attack on the computer system of a sensitive CommerceDepartment bureau, forcing it to replace hundreds of workstations andblock employees from regular use of the Internet for more than a month,Commerce officials said yesterday.

The attack targeted the computers of the Bureau of Industry and Security,which is responsible for controlling U.S. exports of commodities, softwareand technology having both commercial and military uses. The bureau hasstepped up its activity in regulating trade with China in recent years asthe United States increased its exports of such dual-use items to thegrowing Chinese market.

This marked the second time in recent months that U.S. officials confirmedthat a major attack traced to China had succeeded in penetratinggovernment computers.

"Through established security procedures, BIS discovered a targeted effortto gain access to BIS user accounts," said Commerce Department spokesmanRichard Mills. "We have no evidence that BIS data has been lost orcompromised."

The significance of the attacks was underscored in a series of e-mailssent to BIS employees by acting Undersecretary of Commerce Mark Foulonsince July, informing them of "a number of serious threats to theintegrity of our systems and data." In an August e-mail, Foulon reportedthat the bureau had "identified several successful attempts to attackunattended BIS workstations during the overnight hours." Then, early lastmonth, he wrote: "It has become clear that Internet access in itself is avulnerability that we cannot mitigate. We have tried incremental steps andthey have proven insufficient."

A source familiar with the security breach said the hackers had penetratedthe computers with a "rootkit" program, a stealthy form of software thatallows attackers to mask their presence and then gain privileged access tothe computer system. The attacks were traced to Web sites registered onChinese Internet service providers, Commerce officials said. "Wedetermined they were owned by the Chinese," a senior Commerce officialsaid. He did not say who in China was responsible or whether officials hadeven been able to identify the culprits. Although bureau employees wereinformed of the problem in July, commerce officials declined to say whenthe attacks were discovered and how long they had been going on. Only overtime did bureau officials realize the extent of the damage from the breach.


"The more we learned, the more we did," the senior official said.

Since Sept. 1, the bureau has blocked employees from accessing theInternet from their own computers. Instead, several separate computersunconnected to the BIS computer network have been set up so employees cantry to continue carrying out their duties.

Commerce officials have also decided they cannot salvage the workstationsthat employees had been using and instead will build an entirely newsystem for the bureau in the coming months with "clean hardware and cleansoftware," the senior official said. Foulon told employees in late Augustthat they hoped to replace all the bureau's workstations within three months.

The official acknowledged that some of the emergency measures have made itmore difficult for the bureau to communicate with other governmentagencies and the public, including companies that turn to BIS for exportlicenses.

In July, the State Department confirmed that hackers in China had brokeninto its computers in Washington and overseas. Last year, U.S. officialsreported that the Defense Department and other U.S. agencies were underrelentless attack from unidentified computers in China.

China has long been a focus of high-level attention at BIS and was thedestination for the largest number of licenses approved by the bureau in2004, according to the bureau's most recent annual report. In weighingapplications for licenses, bureau officials seek to protect U.S. nationalsecurity interests without hamstringing legitimate commercial trade.

Commerce officials recently reported that they had taken significant stepsto enhance computer security at the department, both by deploying newsoftware and improving the management of the system.

These steps came after the General Accounting Office (since renamed theGovernment Accountability Office) issued a scathing report five years ago,which concluded that "significant and pervasive computer securityweaknesses place Department of Commerce systems at risk." The report foundthat outsiders could gain unauthorized access to the computer system andaccess confidential data. "Intruders could disrupt the operations ofsystems that are critical to the mission of the department," the report found.



---------------------------------------------------------------------
To unsubscribe, e-mail: infowar -
de-unsubscribe -!
- infopeace -
de
For additional commands, e-mail: infowar -
de-help -!
- infopeace -
de

Prev by Date: [infowar.de] TERMINATOR T1.0
Next by Date: [infowar.de] Anti-U.S. Attack Videos Spread on the Internet
Previous by thread: [infowar.de] TERMINATOR T1.0
Next by thread: [infowar.de] Anti-U.S. Attack Videos Spread on the Internet
Index(es):
- Date
- Thread