The U.S. Chamber of Commerce recently uncovered an attack on its systems, and fingers are pointing toward China.
The Chamber represents over three million US businesses, 96 percent of which are small businesses with 100 employees or less. The agency, situated in Washington D.C., lobbies for free enterprise, competition between US companies and entrepreneurship. Some of its bigger members include Adobe, Microsoft, Visa, and Google.
According to the Wall Street Journal which first reported on the attack, which may have started as early as November 2009, nearly 300 internet protocol addresses (IP addresses) were compromised, with around 50 members directly affected. Chamber President Thomas Donohue first got word of the breach in May 2010. When the news arrived, the Chamber went to work scouring the e-mails of affected accounts to see what kind of information may have been uncovered. Meeting minutes, schedules, some trade policy documents and trip records are the only compromised items being reported.
In early November, the US government released a report titled The Foreign Economic and Industrial Espionage Report. In the document, the government stated that China and Russia have been spying on U.S. Internet systems to steal confidential information. The Office of the National Counterintelligence Executive, which created the report, said that an “onslaught” of attacks on US computer networks had IP addresses that could be traced back to China.
This prompted Chinese foreign ministry spokesperson Hong Lei to release a statement saying, “Online attacks are notable for spanning national borders and being anonymous. Identifying the attackers without carrying out a comprehensive investigation, and making inferences about the attackers, is both unprofessional and irresponsible.”
According to the Wall Street Journal, Geng Shuang, Washington DC’s Chinese Embassy spokesperson, also called today’s accusation “irresponsible” and admitted that China was subject to cyber attacks as well. This is a matter to consider. In the US, organizations working independently have compromised government websites of countries in the Middle East such as Syria and called for cyber attacks on Egypt. These Internet hacktivists, such as the group Anonymous, work on their own and attack the US government for what they see as injustices.
In August, China was also named as a potential perpetrator for a five-year long attack on 72 governments around the world.
When attacking computer systems, cyber criminals will often use what is called a “backdoor” to re-enter the system without having to hack or social engineer — manipulating employees into giving out sensitive information — their way into acquiring login credentials or other access. According to the Journal, the attackers set up dozens of these back doors, knowing that passwords would be changed, or missteps in erasing their tracks could be found.
As a result of this attack, and the recent attacks linking Chinese attackers to US systems, Chamber employees are barred from taking devices that are often used for work to high-risk countries, among them China.
The Chamber told the Journal that it is still experiencing weird and suspicious activity and doesn’t see an end in the near future. Sometimes employees find a Chamber townhouse thermostat chatting with computers in China. Other times printers spill out Chinese characters without being given the command. In any case, the Chamber is keeping itself alert and revisiting its security tactics.
VB's research team is studying web-personalization... Chime in here, and we’ll share the results.