China ‘hacked European government computers’ prior to G20 summit
December 13, 2013 1 Comment
By IAN ALLEN | intelNews.org
A group of hackers from China managed to compromise computer networks belonging to the foreign ministries of several European governments prior to last September’s G20 Summit, according to a private computer security firm. The Summit, which took place in St. Petersburg, Russia, on September 5 and 6 of this year, brought together the heads of state of 20 major economies, including the United States and many European Union countries. The meeting agenda was dominated by discussions concerning the response of the international community to the chemical attacks in Ghouta, Syria. According to the Reuters news agency, the hackers managed to infiltrate carefully targeted computer networks by sending emails containing infected attachments to employees of foreign ministries. The attached files bore titles such as “US_military_options_in_Syria”, which appeared designed to bear reference to the upcoming G20 Summit. The hacking revelations were made by FireEye, Inc., a California-based security firm, which says it has proof the hackers came from China. The firm says its confidence on the matters stems from “a variety of technical evidence”, such as the language used on the control server used by the hackers, as well as the types of machines that were used to test the virus before it was deployed. FireEye said its experts were able to keep tabs on the “inner workings” of the primary computer server that the hackers used to monitor the compromised computer networks. However, shortly before the Summit begun, the hackers migrated to another server, at which point the FireEye team lost contact with them. Nart Villeneuve, one of several FireEye researchers who prepared the report on the hacking incident, told Reuters that it was nearly impossible to prove conclusively that the hackers were working for the Chinese government. “All we have is technical data. There is no way to determine that from technical data”, he said. But it was important to note, he added, that the email address used to send the infected emails contained the word “consulate”, which “bolstered the possibility that the attack was politically motivated”. The security firm refused to identify the five nations whose computer networks were hacked —though it is worth noting that the United Kingdom, Italy, Germany, Spain, and France were the only European nations that participated in the Summit. But Villeneuve said his team reported the attacks to the US Federal Bureau of Investigation.