Showing posts with label China. Computer Security. World news. Show all posts
Showing posts with label China. Computer Security. World news. Show all posts

Tuesday, February 19, 2013

Chinese Cyberwar against US Heating Up

China now appears to be waging all-out warfare against the United States in the technology arena. Mandiant Corporation has analyzed cyber attacks on American companies and have determined that many of them originated in a Shanghai office building owned by the People's Liberation Army. Not only have they infiltrated high-tech companies, critical infrastructure like dams and the power grid, they've gone after companies like Coca-Cola to get information about business deals in the works. Thus, any American company is at risk.

Not long ago it was discovered that Chinese hackers had been going after The New York Times to learn the identities of sources who told the Time about the Chinese prime minister's relatives accumulating billions of dollars through questionable business dealings.

And the Financial Times reports that Shane Todd, an American engineer working in China, may have been murdered after he became concerned about the advanced gallium nitride technology (useful for military communications technology) he was working on would fall into the hands of the Chinese military.

The technique used in many of these infiltrations involve "spear-phishing" attacks, in which an email is sent to an employee containing an attachment or link, which contains some kind of Trojan horse that allows the attacker to gain access to the company's network.

Which raises the question: why do these government and corporate email systems even allow attachments on emails? And why do companies allow employees to access unknown web sites from computers on their internal networks? And why are people foolish enough to open said attachments and visit said links in the first place?

These techniques aren't used just by Chinese army hackers, they're also used by criminals trying to steal your bank account information. So everyone, not just corporate and government employees, needs to understand the risks of attachments and links.

A big part of the problem is the "easy and automatic" mindset that has possessed software developers since Apple first implemented the auto-execute floppy disk that allowed viruses to propagate simply by plugging a floppy disk into a drive. It's only gotten worse with ubiquitous USB flash drives (all made in China, by the way) and web browsers that automatically launch applications and documents at the click of a mouse button.

Operating systems like Windows Vista and 7 have some safeguards, such as bringing up an extra dialog that force you to enter an administrator password when an application is about to modify the system. But since users are inundated constantly by such prompts for regular software updates, they always just click Yes because they have no idea what they're supposed to do.

There are some steps you can take to protect yourself.
  • Never directly click on links in unsolicited emails -- even from people you think you know. That friendly note and the link to the hilarious video may have been sent by a virus that infected your friend's computer, and going to that website may infect your computer as well.
  • Never directly execute attachments in emails or from the Internet. Always save them in quarantine directory until you've ascertained their reliability.
  • Make sure that your computer installs security updates on a regular basis.
  • Get anti-virus software and make sure it stays up to date.
  • Just because your anti-virus software doesn't flag a file doesn't mean it's safe. Anti-virus software works by searching for patterns of known threats, and new malware won't be in the anti-virus program's database. Some day a clever programmer will write a virus that "mutates" every time it propagates, and there will be no pattern for anti-virus programs to detect. You should assume that has already occurred.
  • Change your computer's settings to prevent the automatic execution of "autorun" files on removable media such as CDROMs, floppies, USB thumb drives, etc. In Windows 7 go to your Control Panel and click AutoPlay. I've set all my devices to take no action so I have to initiate potentially dangerous transactions. Also, don't double-click the icons of CDROMs since under some versions of Windows that will invoke the autorun feature.
  • Whenever you click a link on the web, first hover the mouse button over the link and look at the website's URL, usually displayed at the bottom of the browser window. If it's not what you expect, take extra care. Hackers frequently use domain names that are close to legitimate ones, so be on the lookout for extra characters or misspellings. Automatically distrust all "" links.
  • Don't send friends emails containing unsolicited jokes, links to funny videos or cute pictures, or attachments including photos and videos. Sending large attachments is an imposition in the first place, as the receiver will have to download them. If you want to share files, it's better to place them on a shared and trusted location on the web, such as Facebook or Dropbox. If attachments and links are rare in emails the bad ones will be easier to spot.
  • An most importantly: if something pops up and you're not sure what it is, stop, read it carefully and don't let it run. If you don't know what it is, you probably don't need it.
The People's Liberation Army isn't out to hack all our computers, but if you assume it is, you'll have a better chance of keeping the Russian mafia out of your bank account.