Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

Martin McKeay

Security Matters

Chinese hackers attacking the Commerce Department

5 comments

IT TOPICS:Government & Regulation, Security

The Bureau of Industry and Security (BIS) has been under attack from IPs sourced in China since early September, admitted the Commerce Department last Friday. The Chinese systems have been hitting any system at the BIS that's exposed to the Internet with distributed denial of service (DDoS) attacks almost continuously, as well as successfully compromising some systems attached to the Internet. The BIS deemed the attack to be serious enough that they shut down their Internet access all together and are rebuilding or replacing any system that might have been compromised.

Whether or not the hackers are sponsored by the Chinese government, or if the attacks are really even sourced in China, is still in question. I find it highly unlikely that any government would be so brazen as to actively encourage this type of attack against another government. However, they might be willing to turn a blind eye while it happens. Another possibility is that the attacks aren't even really starting in China, that the attackers are just using a number of previously compromised systems to act as reflectors for their own attacks. Is there a third possibility?

Personally, I think it's compromised systems that are being used in the attack. If it is, this would be a perfect example of why it's becoming at least as important that we protect home systems as corporate systems. Most home computers have nearly as much power as a corporate server and with the high speed Internet connections that are currently available, many homes are getting to the point where they have as big a pipe (or is that tube?) to the Internet as a small or medium business. And when an attacker can aggregate several thousand home computers with high speed access, they can take down even some of the best protected government sites.

Email this

Digg this

What People Are Saying

Add new comment

There's no doubt that home

Submitted by Mila on October 9, 2006 - 7:12 P.M.

There's no doubt that home systems should have the highest level of protection, but I don't see this becoming widely implemented any time soon.
Most home users don't have the technical knowledge of corporations with extensive IT departments. What will prove to be helpful, though, are more products that are made especially for this type of consumer who might lack advanced technical knowledge.
It's much easier for these hackers to focus on home computers, rather than huge corporations. These machines, too, house critical documents as many people store tax information, passwords and even work emails on their home computers.

Report this comment

The fact that the servers

Submitted by Anonymous on October 9, 2006 - 1:13 P.M.

The fact that the servers are in China is no indication of who is responsible. One might be better off looking at who might have it in for this Bureau of Industry and Security. If they are responsible for dealing with network security, there's a large number of people who might be angry with them.

Report this comment

While it may be plausible to

Submitted by Anonymous on October 9, 2006 - 10:00 A.M.

While it may be plausible to blame the Chinese Govt. for this tactic (they are sneaky dealers - example: human rights, etc., as everyone knows), but let's not jump to conclusions so fast and give them the benefit of the doubt. Let's shift our focus instead to the big Telecom Co's who are in a better position to stop this sort of traffic - the world should impose on them (as a right of passage to conduct business) the obligation to immediately stop this kind of conduct, to track down the IP and shut down the offending ISP Provider. It is no mystery that you can track my IP, or anyone else's for that matter - then using the same technology, track down and SHUT DOWN that ISP. The internet is starting to look like the United Nations - a wild frontier with no enforcement or bite.

Report this comment

take it easy dude

Submitted by Anonymous on October 9, 2006 - 11:49 A.M.

take it easy dude

Report this comment

country is innocent!

Submitted by Anonymous on October 9, 2006 - 9:10 A.M.

country is innocent!

Report this comment

Web filtering internationally, part 1: China

Unlock/jailbreak new iPhone 3G software with #blackra1n app

Spam culture, part 3: Nigeria (and 419 scams)

Los Angeles goes Google; dumps GroupWise; shuns Microsoft; ignores IBM

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

FISMA Prescriptive Guide
A Tactical Guide Enabling you to take Action and Achieve Operational Excellence

Top to Bottom Performance Management Excellence at the City of Chicago
View now.

US Government Prevents Malware on Sensitive Financial Systems
Download This Case Study Now!

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

Whitelisting Your Way to FISMA Compliance
Download This Whitepaper Now!

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.

All White Papers | All Webcasts