What's new

China cyberspies suspected in new caper: what has experts worried

JayAtl

BANNED
Joined
Nov 18, 2010
Messages
8,812
Reaction score
-14
A China-based cyberespionage gang is suspected in the hacking of a major industrial control system firm in Canada. Experts warn the theft could facilitate creation of a cyberweapon.



A China-based cyberespionage gang has been linked to the infiltration of networks belonging to Telvent Canada, a major industrial control system company, in a case that some experts warn could facilitate creation of a dangerous cyberweapon.

The cyberspies, thought to be from a gang that security researchers call the "Comment Group" or sometimes the "Shanghai group," slipped past a corporate firewall, installing malicious software on the network – then snatched project files related to one of Telvent's major software products, according to KrebsOnSecurity, a cybersecurity blog that first reported the breach Wednesday.

As cyberespionage hacks that become public go – Google created a furor when it said it had been hacked by Chinese cyber spies in early 2010 and at least some of its vital source code had been stolen – it's been a relatively low-key news event so far.

The Telvent hack became public Wednesday on the cybersecurity blog and was later confirmed by Telvent's parent, Paris-based Schneider Electric.

"Telvent is actively working with law enforcement, security specialists and its affected customers to ensure the breach has been contained," Schneider Electric said. Just this month, Telvent announced a new relationship with Foxboro, Mass.-based Industrial Defender, a control systems security company.

But some cybersecurity professionals are waving a red flag over the Telvent hack. Dale Peterson, CEO of Digital Bond, a leading industrial control systems (ICS) security company in Sunrise Fla, says the Telvent attack looks much like one fragment of a far larger campaign targeting ICS vendors, whose products run the nation's critical industrial processes: pipelines, refineries, chemical plants, factories, and the electric grid.

Typically, stolen software code might help a perpetrator to leapfrog its competition in the global marketplace. But in the Telvent case the theft could facilitate creation of highly reliable and dangerous cyberweapons, he and other control system experts agree.

The apparent target of the Telvent attack was the firm's OASyS SCADA software program, which is used to operate an array of equipment from gas pipelines to the power grid.

Telvent has a huge footprint in the oil and gas industry – and an important role in the emerging “smartgrid” that more efficiently coordinates energy distribution. Its software allows old and new software to speak to each other – and control critical systems. But if captured, the source code from such a product could be used to far more easily develop potent cyberweapons akin to Stuxnet, a hyper-sophisticated software weapon that experts say destroyed 1,000 Iranian nuclear centrifuges.

"The attackers used their presence on the Telvent network to download the customer project files for a future attack – think future Stuxnet," Mr. Peterson writes in his blog. "If an attacker were going to attack a process in a sophisticated manner they would need time and talent to study the project files and essentially reverse engineer the process."

As to the question of who did the dirty deed, China's "Comment Group" is the leading suspect, according to an analysis by Joe Stewart of Dell Secureworks, an expert in tracking cyberespionage attacks. Data from the Telvent hack appears identical in certain key respects to digital signatures left by a Chinese cyberespionage gang many call the Comment Group, but which Mr. Stewart calls the Shanghai Group.

Stewart, however, has not yet analyzed the malware that infected Telvent and other signatures. So his opinion is based on a Telvent document listing digital signatures that was provided to him by Brian Krebs, the security blogger. Among that data are signatures Stewart has, over several years, tracked back through cyberspace to the Comment Crew.

"The file names, malware families and domains listed are related to a trojan that then maps back to the Comment group," says Elizabeth Clarke, a Dell SecureWorks spokeswoman speaking on behalf of Stewart.

Other industrial control system security companies have recently been hit by so-called “spear phishing” fake e-mail attacks that, like Telvent, used malware undetectable by ordinary antivirus screening.

In June, Digital Bond was targeted by a spear-phishing e-mail that contained malware. The firm caught it, however, before it got onto the company network. Energy Sector Security Consortium, an Oregon-based nonprofit group that supports the energy industry in securing critical technology infrastructures, was also hit, Peterson says.

"They are going after the ICS energy sector, and Telvent is almost certainly not the only vendor being targeted or compromised," Peterson says.
"In fact, I would be worried if a large asset owner or vendor in the energy sector is not detecting these attacks. Little Digital Bond and nonprofit EnergySec must be rather low on the list of energy sector ICS targets."

China cyberspies suspected in new caper: what has experts worried - Yahoo! News
-------------------------------------------------------

GOVT backed cyber stealing from China...beware anyone who has worked hard at building anything / developing anything...
 
.
Wonder what Chinese Canadian think of china stealing technologies through cyber attacks and destroying the Canadian economy. where do their loyalties lie? hmmm...
 
.
Wonder what Chinese Canadian think of china stealing technologies through cyber attacks and destroying the Canadian economy. where do their loyalties lie? hmmm...


I wonder what rational Indians think of you. BTW you should change the India flag to the US flag too, this way you won't embarrass India.
 
.
You know, the actual number of hacking incidents is probably a magnitude or two greater than what's reported, because companies are reluctant to admit they've been hacked and the stocks will slump.

Hackers Linked to China

Group Apart

What sets the Comment group apart is the frenetic pace of its operations. The attacks documented last summer represent a fragment of the Comment group’s conquests, which stretch back at least to 2002, according to incident reports and interviews with investigators. Milpitas, California-based FireEye Inc. alone has tracked hundreds of victims in the last three years and estimates the group has hacked more than 1,000 organizations, said Alex Lanstein, a senior security researcher.

Stolen information is flowing out of the networks of law firms, investment banks, oil companies, drug makers, and high technology manufacturers in such significant quantities that intelligence officials now say it could cause long-term harm to U.S. and European economies.


On the bright side, such actions is a boon to the development of cyber-espionage technologies with the never-ending race to come out on top in this competitive field.
 
.
I wonder what rational Indians think of you. BTW you should change the India flag to the US flag too, this way you won't embarrass India.

... now can you speak to the topic at hand. How's does it feel to be the pariah nation that steals others people hard earned development?
 
.
... now can you speak to the topic at hand. How's does it feel to be the pariah nation that steals others people hard earned development?

Hey, if China is a pariah nation then don't trade with it. In fact you can be the first to demonstrate your commitment and resolve by immediately dumping everything and anything you own that has a 'Made in China' label on it :no:
 
.
Hey, if China is a pariah nation then don't trade with it. In fact you can be the first to demonstrate your commitment and resolve by immediately dumping everything and anything you own that has a 'Made in China' label on it :no:

I don't have any made in China product that I buy- well maybe some broken toys that my kid has are made in China at best. thank you .

How do you feel about your country stealing other people's hard work?
 
.
I don't have any made in China product that I buy- well maybe some broken toys that my kid has are made in China at best. thank you .

How do you feel about your country stealing other people's hard work?

I highly doubt that you don't own a single product that isn't made in China, especially since you live in the U.S.

Also, espionage and taking ideas from others is hardly a new concept in the world. However, we can let the laws of economics work it out. Companies can choose to brand their products differently and develop confidence in their product quality to out compete the copycats. Those who can't adapt will be left in the dust. That's how it's always been and how it will continue to be in the future.
 
.
China is the best one to be a scapegoat, from the fail of India's second-hand aircraft carrier to Hacker, and all the world hacker know that, and like to fake IP of China;

FBI had said that one China school was the biggest base of hacker, and all the US news said this, for one ex-serviceman found the school, but made a biggest joke, that the school is a cooking and beauty salons school, that's make me very happy and a big free advertisement for the school, bcs no one Chinese believe this cooking school can do this
2010122855463501.jpg


2008, Russia launched cyber attacks to Georgia, Manipulate server located in Turkey and others from all over the world, only 13% from Russia, but every one knows that all these were done by Russian
 
.

Pakistan Affairs Latest Posts

Back
Top Bottom