Massive IMF cyberattack ‘was state-backed’, say sources

International Monetary Fund seal

IMF seal

By JOSEPH FITSANAKIS | intelNews.org
A massive and sophisticated cyberattack that targeted the computer systems of the International Monetary Fund last month was “linked to a foreign government”, according to sources familiar with the incident. The IMF, an international institution which oversees financial crises around the world, revealed the security breach in an internal email sent last week, but has yet to make a public announcement about the incident. Although the cyberattack was not publicly announced, it was revealed last weekend by The New York Times, which cited a “security expert […] familiar with the incident”. The paper notes that IMF’s computer databases function as “a repository of highly confidential information about the fiscal condition of many nations”, and that they contain “potentially market-moving information”. British daily The Independent adds that “internal political opponents and foreign intelligence services could […] find [in the IMF databases] explosive information about government dealings with the fund”. Intriguingly, the attack occurred in the weeks prior to the arrest of the Fund’s Director, Dominique Strauss-Kahn, who was detained on American soil on charges of sexually assaulting a female worker at his luxury New York hotel. Read more of this post

News you may have missed #517

  • New Zealand to launch new cybersecurity agency. The new National Cyber Security Centre will protect high-risk government agencies from attacks by cyber spies and criminals. It will also take on the functions of the Centre for Critical Infrastructure Protection, which helps protect critical national infrastructure such as the computer networks of banks and power companies.
  • New book on China-US spy wars. An extensive review by Joseph Goulden (author of SpySpeak: The Dictionary of Intelligence) of David Wise‘s new book, Tiger Trap: America’s Secret Spy War with China, which has been published by Houghton Mifflin Harcourt.
  • Over 1,000 cyber attacks against UK MoD last year. Criminals and foreign spy agencies launched more than 1,000 cyber attacks on Britain’s Ministry of Defence last year in an effort to steal secrets and disrupt services, Britain’s Defence Secretary Liam Fox has revealed.

News you may have missed #421 (‘not news’ edition)

  • Not news: Senior Afghan officials on CIA payroll. The New York Times‘ Mark Mazzetti and Dexter Filkins are right to air this story, but the real news here is the media industry’s collective gasp of fake shock and horror. Really?
  • Not news: Pentagon breached by foreign hacker. US Deputy Defense Secretary William Lynn has disclosed that an undisclosed foreign spy agency carried out a serious cyberattack on US military networks with the help of a tainted flash drive that was inserted into a laptop in the Middle East. Ah, the old memory-stick gift trick
  • Not news: Sex-obsessed coverage of Russian espionage continues. Russian and US media keep avoiding serious analysis of post-Cold-War Russian intelligence operations by focusing on Anna Chapman. This is no surprise, since pursuing the real story behind Russian deep-cover espionage in the United States takes hard work.>response to Le Carre’s comments.

News you may have missed #418

  • US military pays for intel widely available online. Experts say that the vast majority of the ‘intelligence’ needed by the United States is freely available on the Internet. But that has not stopped a company called Military Periscope from selling its subscription services to the US government, on things such as updates on foreign militaries, peacekeeping missions, weapons databases and terrorist organizations “via monthly CD-ROM delivery”.
  • Son of Russian spies could return to US for school. Tim Foley, the elder son of Donald Howard Heathfield and Tracey Lee Ann Foley, the two deported US residents who were living a double life as Russian spies, may be trying to return to study in the United States, but his younger brother plans to stay in Moscow.
  • German spy chief notes cyberattack surge. Cyberattacks against German corporate and government computers have been on the rise since 2005, according to Heinz Fromm, Director of Germany’s Federal Office for the Protection of the Constitution. He said the attacks “come mainly from Asia, often from China”, and that often “state agencies are involved”.

News you may have missed #327

  • Cyberspies eyed Canadian visa applications. Personal information about Canadians applying for visas was swiped by cyberspies who hacked into Indian embassy computers in Afghanistan. The data theft was part of a wider cyberespionage operation launched by the underground hacking community in China and aimed primarily at political targets, according to academic researchers.
  • Israeli Arab jailed for spying on top general. Rawi Sultani, who is accused of informing Hezbollah of his membership in the same fitness club as Lieutenant-General Gabi Ashkenazi, as well as of methods of accessing the club, has been sentenced to nearly six years’ imprisonment.
  • CIA places American on assassination list. US-born al-Qaeda recruiter Anwar al-Aulaqi, who now lives in Yemen, has become the first US citizen to be placed on a CIA “targeted killing” list, which requires “special approval from the White House”.

Bookmark and Share

Study points to Chinese city as ‘world capital’ of cyberespionage

Shaoxing

Shaoxing

By IAN ALLEN| intelNews.org |
A major traffic analysis of cyberespionage attacks has identified a provincial urban center in southeast China as ‘the world capital’ of cyberespionage. The survey, conducted by cybersecurity firm Symantec, studied the origination points and targets of 12 billion malicious emails. It concluded that nearly one third of all email-based cyberespionage attacks originate from the People’s Republic of China –a percentage far larger than previously thought. It also traced most Chinese cyberespionage attacks to Shaoxing, a city of over four million residents in China’s southeaster Zhejiang province. The Symantec study said that large-scale Chinese cyberespionage attacks appear to be systematic and concentrate on carefully selected targets, such as defense policy experts and human rights activists. Read more of this post

News you may have missed #309

  • Iran claims arrest of US cyberspies. Iranian security forces have arrested 30 people accused of waging cyberwar against the country, with the backing of the United States. The Iranian government accuses them of running a network of websites funded by US intelligence, which aims to “collect information about Iran’s nuclear program”.
  • Nazis planned to infiltrate Vatican with spies. Nazi Germany hatched a plan during World War II to infiltrate the Vatican with spies disguised as monks, according to secret MI5 intelligence reports. The codename for the plan was Operation GEORGIAN CONVENT.
  • US misled even us on detainees, says ex-MI5 chief. Eliza Manningham-Buller, the former head of the Britain’s foremost domestic spy agency, MI5, has said that United States intelligence agencies misled even MI5 about the mistreatment of suspected terrorists.

Bookmark and Share

News you may have missed #0286 (Internet edition)

  • Email trojan targeted at US .gov, .mil accounts. A Trojan-containing email, which is spoofed so that it appears to have been sent by the US National Intelligence Council, appears to have been directed solely at US government and military email accounts.
  • Analysis: Smuggling secret information through VOIP. Voice over Internet Protocol (VOIP) systems use a series of protocols to essentially create an open, unmediated link between two computers. VOIP applications also provide a way to make sure the packets are ordered quickly and correctly. And that’s a goldmine for anyone trying to send hidden messages.
  • ACLU concerned about Google-NSA partnership. Google corporation has turned to the US National Security Agency for assistance in warding off cyberattacks. But the American Civil Liberties Union is among several organizations that view the partnership as “troubling”.

Bookmark and Share

News you may have missed #0271 (analysis edition)

  • Analysis: The Women of the CIA. Former CIA agent Valerie Wilson says the recent massacre of CIA agents in Khost, Afghanistan, shows that it is “time to recognize that women play a vital role in ensuring our national security and that they are very much on the frontlines, taking all the same risks but recognized and credited much less than their male counterparts” at the CIA.
  • Analysis: Google and the democratization of espionage. Roland Dobbins, a solutions architect with the Asia Pacific division of Arbor Networks, explains why the recent Google-China hacking affair is a perfect example of how the botnet has enabled what he calls “the democratization of espionage”.

Bookmark and Share

Comment: Are Clinton’s Cyberattack Protests Hypocritical?

Hillary Clinton

Hillary Clinton

By JOSEPH FITSANAKIS* | intelNews.org |
The Chinese have accused the US government of hypocrisy in criticizing Beijing for its alleged role in organized hacking attacks, which recently drove Google to abandon its operations in China. Speaking last Thursday, US Secretary of State Hillary Clinton argued that “[c]ountries or individuals that engage in cyberattacks should face consequences and international condemnation”. But a subsequent editorial in government-owned The People’s Daily essentially said that China is not the only country that engages in cyberwarfare; the US does it too. Is this true? Most likely, yes. Read more of this post

Analysis: The meaning of China’s cyber-attack on Google

Google

Google

By IAN ALLEN | intelNews.org |
Google’s recent decision to close down its venture business in China, after its operations there repeatedly came under cyber-attack, has received plenty of media attention. But most non-experts find it difficult to understand why these cyber-attacks were important enough to cause Google to abandon what is admittedly one of the world’s most lucrative online user markets. An excellent analysis in The New York Times explains the significance and meaning of the cyber-attacks. It turns out that, traditionally, cyber-rogues have been interested in detecting or building back doors (known as Trojan Horses) in commercial software, such as Microsoft’s Internet Explorer or Word, in order to replicate them, and make money selling pirate copies. But the types of attacks that caused Google’s flight from China were different. The instigators of these attacks, which were very sophisticated, seemed to want to gain access to widely used Google applications so that they could spy on their users. Read more of this post

News you may have missed #0259

Bookmark and Share

Comment: Did Russian Intelligence Hack Climate-Change Emails?

Tomsk, Siberia

Tomsk, Siberia

By JOSEPH FITSANAKIS* | intelNews.org |
For over a fortnight, the world’s news services have focused on the so-called ‘Climategate’, the hundreds of University of East Anglia’s Climatic Research Unit emails that were hacked from the university’s server and leaked onto the Internet. The stolen emails, some of which date back to 1996, have reignited conspiracy theories about the role of human activity in climate change. But there is surprisingly little discussion about who hacked into the university’s server and stole the personal emails.

Read more of this post

News you may have missed #0206

Bookmark and Share

News you may have missed #0196

  • Legal problems facing CIA are no laughing matter. They include two criminal investigations by the US Justice Department, persistent inquiries by the Senate Select Committee on Intelligence, as well as legal challenges from “war on terrorism” detainees.
  • Aussie computer networks “most certainly” spied on. The Australian federal government’s computer network has “almost certainly” been targeted by cyber-spies from other countries, according to attorney general Robert McClelland. “In some incidents nation states [are responsible]”, he told reporters.
  • US still considering extraditing Philippine spy. A judge has yet to rule on whether Michael Ray Aquino, a former Philippine National Police intelligence officer who served prison time for passing classified US government documents to the Philippine opposition, will be extradited to face murder charges back home. See here for more on this strange case.

Bookmark and Share