China might be Origin of Cyber Attack on Oak Ridge
An Internet attack launched on the computer network of a US laboratory for nuclear weapons has a fair probability of originating in the Chinese mainland, according to the Department of Homeland Security via a secret memorandum.
The attack hit large number of employees at Oak Ridge National Laboratory in Tennessee by sending them a sequence of seven enticing phishing e-mails to get the lab personnel to download malicious attachments.
With the attack, hackers were able to access a non-classified database that included the personal details of people who visited the lab during 1990 to 2004, according to e-mail addressed to the whole staff in the first week of December 2007. It was found that about eleven employees viewed the malware-laden attachments.
The scope and degree of sophistication with which the hacking incidents were carried out suggest that they were targeted on systems of the private sector, the memo said. Newsfactor published it in news on December 10, 2007.
According to The New York Times, although the servers from where the attack was traced to China, it isn't necessarily true that any of the Chinese citizens or the country's government were involved. The newspaper had seen a highly confidential memo that outlined the China connections.
Security researchers assessing the attack said that the memorandum that The New York Times obtained from a private company executive contained a set of Internet and Web addresses that related to Chinese locations. ZDNet published this on December 10, 2007.
However, according to the researchers, the connections do not prove the involvement of the government of China or its citizens in the assaults. There have been on earlier occasional instances when computer systems in China were compromised to disguise the true location of the intruders.
Director of security operations, Andrew Storms, at nCircle Network Security said that the phishing e-mails from the Chinese attack were just among the thousand others that government and private sectors receive every day. While phishing is still termed as a cyber attack, it has virtually become a part of life for Internet users today. Newsfactor published this on December 10, 2007.
Related article: China’s Best Initiatives To Deal With Spam
» SPAMfighter News - 27-12-2007