Chinese hackers used Windows source code; siphoned off 50MB of US government emails
One of the U.S. diplomatic cables released by WikiLeaks says that the Chinese government had gained access to Microsoft source code, which was used to hack into USG organizations.
A cable dated June 29, 2009, states that TOPSEC, a company funded by the Chinese government, obtained access to Microsoft source code through CNITSEC, the organization that oversees the Chinese government's IT security certification program and that signed a Government Security Program (GSP) agreement with Microsoft.
The cable also stated that TOPSEC had employed Chinese hacker Lin Yong, the owner of the Honker Union of China, from June 2002 to March 2003 as a senior security service engineer to manage security service and training. The Honker Union of China is an informal union of Chinese hackers that came into the limelight when it declared an online war against US Internet users after the mid-air collision between a US spy plane and a Chinese fighter aircraft in April 2001.
The incident resulted in the death of the Chinese pilot, while the 24-member US crew was held by China and released 11 days later. The episode led to US hackers breaking into multiple Chinese websites and leaving hate messages. In response, the Honker Union called on Chinese engineers to beef up the security of Chinese websites.
Additionally, another company, Venus Tech, which is privy to CNITSEC, had employed the services of Xfocus, the hacking group behind the Blaster worm that had infiltrated Windows 2000 and Windows XP systems.
Another cable, dated Oct. 30, 2008, stated that USG organizations had been targeted since 2002 by the Byzantine Candor (BC) operation, sourced to the PRC. The BC operations exploited Windows system vulnerabilities to gain access to USG systems. The report says that BC infiltrators were able to exfiltrate at least 50MB of e-mail messages and documents from USG agency systems. The BC operatives were able to steal login credentials to gain access to agency systems.
It also states that several commercial ISPs within the US were compromised and then used in a larger attack to facilitate computer network exploitation. The hackers used at least three such compromised systems to gain access to networks and siphon off information from the USG.
The report also outlines the relationship that government agencies in China share with companies. The cable said: While links between top Chinese companies and the PRC are not uncommon, it illustrates the PRC's use of its private sector in support of governmental information warfare objectives, especially in its ability to gather, process, and exploit information. As evidenced with TOPSEC, there is a strong possibility the PRC is harvesting the talents of its private sector in order to bolster offensive and defensive computer network operations capabilities.
© Copyright IBTimes 2024. All rights reserved.