[+] Wayc0de's Blog[+]

10/08/11

More Cyberterrorism – Taiwan Political Party Accuses China of Hacking

Well there hasn’t been a whole lot of news the last couple of days apart from the London riots – which don’t have much of a technical spin. The only technical part is that the looters/rioters etc seem to be organizing themselves using BBM (BlackBerry Messenger) and Twitter.

The former being rather smart as it’s encrypted and sent via a 3rd party network – so it’s not open to wiretapping. It’s unlikely the tracksuit wearing chavs & hoodies know that, but still – it’s keeping them safe. Posting videos/pictures of themselves on public Twitter and Facebook accounts is not so smart though and will surely lead to some arrests.

Anyway that’s not the topic here, the topic here is another politically motivated hacking attack – what we would commonly call cyberterrorism.

A Taiwanese political party suspects the Chinese government is behind a hacking attack that stole information about the party’s election activities.

Taiwan’s Democratic Progressive Party (DPP) said on Tuesday that some of the attacks had been traced to China’s Xinhua News Agency, a state-run press group. The attack operated as a phishing campaign, in which DPP staffers were sent e-mails by hackers who attempted to impersonate other party employees. The staffers were then told to open the e-mail attachments, which secretly contained viruses to monitor the computers, a DPP spokeswoman said.
The DPP alleges the attacks were routed from the Xinhua News Agency through Malaysia and Australia. The attacks were also traced to IP addresses from the Chinese mainland. The Xinhua News Agency was contacted for response, but has yet to an issue a comment.

IT security experts have said the attacks were part of a state-sponsored hacking attempt, according to the DPP. “Already many countries and security groups have said the attacks from China’s cyber army are well organized and that a state actor guides and supports them,” the DPP said in statement issued on the party’s website.
As we all know, Taiwan and China are not really the best of friends with China claiming Taiwan to be part of it and Taiwan not quite agreeing. In China they fully act like Taiwan is just another state/province in China.

This time it seems to be a state run Chinese news agency (Xinhua) attacking Taiwan’s Democratic Progressive Party (commonly know as DPP).

These are of course at this time just claims, and it’ll probably stay that way as there’s no conclusive proof in these kind of situations.
China is already in the spotlight for cyber attacks after security vendor McAfee reported a massive cyber attack that stole sensitive information from 72 companies and organizations. Although McAfee did not name the group behind the hacking attempts, security experts have pointed fingers at China because of the organizations targeted. China, however, has repeatedly denied it sponsors any kind of hacking.

A DPP spokeswoman said the phishing attacks have been an ongoing problem, but that it appears more of the recent hacking attempts have been coming from China.

Taiwan and China separated in 1949 after a civil war. While China’s ruling communist party seeks for reunification with the island, the DPP supports Taiwan becoming its own nation, putting the two at odds with one another.

The DPP said on Tuesday it also traced hacking attempts to Taiwan’s own Research, Development and Evaluation Commission and called for the commission to investigate. The commission could not be reached for immediate comment.
China have been in the spotlight fairly recently with some very widespread phishing attacks including – Targeted Phishing Attacks Carried Out On Gmail – Likely From China.

It seems like these kinds of games will be going on forever including hacktivism, cyberterrorism, defacement in the name of certain causes and all kinds of other naughty business.

With so much information on computers now it’s no surprise, I’d like to see these kind of organisations having better infosec policies though including awareness training for all staff with access to e-mail accounts and computers.

nb : darknet

Tidak ada komentar:

Posting Komentar