By Stefanie Hoffman
ChannelWeb
Jun. 12, 2008
http://www.crn.com/security/208403765
Two U.S. Congressmen on Wednesday accused China of hacking into their office computers to possibly compromise sensitive information on Chinese dissidents.
U.S. Rep. Frank Wolf, a Republican from Virginia, during a speech presented on the floor of the House of Representatives, said that at least four his office computers had been infiltrated in August 2006 and that he was told by the FBI and other officials that the source of the attack appeared to be from China.
"In August 2006, four of the computers in my personal office were compromise by an outside source. This source first hacked into the computer of my foreign policy and human rights staff person, then the computer for my chief of staff, my legislative director and my judiciary staff person. On these computers was information about all of the casework I have done on behalf of political dissidents and human rights activists around the world," said Wolf in a prepared statement. "That kind of information, as well as everything else on my office computers -- emails, memos, correspondence, and district casework -- was open for outside eyes to see."
Wolf said that he believed he was the victim of an attack because of his "long history of speaking out about China's abysmal human rights record." During his speech, Wolf mentioned that he "had no information to confirm" his remarks.
In the face of the strong accusations, Chinese officials denied that the county's citizens were responsible for the attacks. Qin Gang, China's foreign Ministry spokesman, said that the Chinese did not have the technology to perpetrate a sophiticated cyber attack that could penetrate Congressional cyber defenses.
To combat what Wolf termed as a "threat to our national security," the Virginia Congressman said he planned to introduce a privileged resolution for greater protection of congressional computer and information systems, while calling on Congress to "take a lead in protecting" the country from attack.
"As a nation, we must decide when we are going to start considering this type of activity a threat to our national security, a threat that we must confront and from which we must protect ourselves," said Wolf. "The potential for massive and coordinated cyber attacks against the United states is no longer a futuristic problem. We must prepare ourselves now and develop procedures for responding to this threat."
His assertions were corroborated by Rep. Christopher Smith of New Jersey, who also echoed that his computer system had been the target of a cyber attack from China.
In a written statement issued on the House floor, Smith, a Republican, said that his Human Rights Subcommittee's computers were attacked by a virus that was executed to "take control of the computers" on two occasions, one in in December 2006 and the other in March 2007.
Smith said that the attackers broke into files that contained legislative proposals directly related to Beijing, including the Global Online Freedom Act and email correspondence with human rights groups regarding China and the names of Chinese dissidents.
"While this absolutely doesn't prove that Beijing was behind the attack, it raises very serious concern that it was,' said Smith.
During his speech, Smith asserted too that he has sponsored legislation that would prohibit U.S. companies from conducting business with secretive governments that restrict information about human rights and democracy on the Internet.
"Like Mr. Wolf, I too speak out often against the systematic abuse of human rights by the Chinese Communist government," he said. "So I was deeply concerned that the perpetrators of these crimes searched the China files on my computers."
In Beijing, Gang dismissed the allegations, citing frequent friendly exchanges between the U.S. and China. Gang implored the U.S. government officials not to be paranoid or sensationalistic, but to conduct relations in a way that is mutually beneficial to both nations.
"In recent years, China and the U.S. have had frequent exchanges. You should ask U.S. citizens in China whether their computers or their access to the Internet have been bugged," said Gang. "We urge the U.S. not to be paranoid and to do more that mutually benefits bilateral ties. China is a developing nation. Do you think we have that kind of technology? I don't believe so."
This is not the first time that the Chinese have been suspected of engaging in cyber espionage or illegal activity over the Internet. Last year, the Pentagon accused Chinese hackers of infiltrating an unclassified U.S. defense Department computer system.
In addition, a recent McAfee report indicated that Hong Kong followed by the People's Republic of China are ranked the number one and two respective most dangerous country domains for Web surfing.
The annual report classified Websites across international lines based on security risk of their country's domain. Altogether, the study compared and ranked the domains of 265 countries.
Despite indications that the location of the cyber attacks point to China, security experts say that a hacker could ostensibly own a Chinese domain but be conducting malicious activity from anywhere else in the world. Experts contend that the IP address belonging to a specific nation does not necessarily indicate that its citizens were conducting malicious activity over the Internet.
"It's just as likely that the bad guys are operating an identity theft ring out of the Ukraine." said Shane Keats, research analyst for McAfee and the study's author. "The speed and rapidity with which the bad guys move from one to the next neighborhood is surprising."
No comments:
Post a Comment