During 2007 it became more common for countries to openly accuse each other of engaging in spying via the internet – even though it can be extraordinarily difficult to prove an attack is being sponsored by a government.In April, a large-scale distributed denial-of-service attack against websites belonging to the Estonian prime minister, banks and schools, were claimed to be masterminded by the Kremlin39 after Estonia decided to remove a statue of a Soviet-era soldier that comprised part of a World War II memorial. Estonian Minister of Defence, Jaak Aaviksoo, accused the Russian government of launching the attack and called on NATO to amend its protocols to recognize the attack as a form of military action. However, no proof was presented that the attacks could be traced back to the Kremlin.
In another example in December 2007, it was revealed that MI5, the British secret service, had written a secret letter to 300 chief executives warning them that they were under attack from “Chinese state organizations”40. According to reports, the Chinese government was behind electronic espionage against British firms designed to give China a commercial advantage.
Three months earlier, newspapers reported that the Chinese military were being blamed for a cyberattack which targeted a Pentagon computer system serving the office of US defense secretary, Robert Gates. Unnamed sources claimed that the People’s Liberation Army (PLA) were blamed in an internal investigation for perpetrating the attempted hack. The British and German governments were also said to have been subject to similar probes by hackers working for the PLA.
When Sophos asked in a poll41 in September 2007 who people believed were likely to have been responsible for the attack the results were:
Believed responsible------------------% of respondents
Chinese-------------------------------45%
Impossible to say---------------------36%
Someone pretending to be Chinese----19%
The Chinese foreign ministry vigorously denied the claims, and said it works hard to fight cybercrime.
2008 is likely to bring more claims of countries attacking and spying on each other via the internet, but so far there has been no convincing evidence released to the public proving that attacks are backed by foreign governments. It must be remembered that internet hackers can hide their tracks, hopping from computer to computer, and leapfrogging around the world, making it very hard sometimes to determine precisely who is behind an attack. There is no doubt, however, of the importance of securing critical computers inside government from hackers whether motivated by politics, espionage or money.
Sophos.com
No comments:
Post a Comment