I’m always dubious about people claiming they are being attacked by cyber-vandals for political reason. It looks like they want their 15 minutes of fame. However this time, there’s a stream of story that can raise some eyebrows. Here are the stories :
- http://www.savedarfur.org website has been under attack people try to gain access to their mail back end and FBI is investigating, the savedarfur coalition spokersperson explain they traceback the unauthorized access to computer in china : http://www.savedarfur.org/newsroom/releases/china_based_it_attacks_reported_to_fbi/
- They also complain that some of their partner organizations have also been victim of social engineering attack tricking user into opening malicious attachment of email
- More recently pro-Tibet groups could also have been targeted using malware attacks against them. http://www.f-secure.com/weblog/archives/00001406.html
Although it impossible to deny the role (whatever it is “really” happening to be) of china in both conflict, it is a long shot to trace it back to an official chinese action, here’s why and also why it’s also scaring anyway.
- Chinese computers are, like all computers in developing countries, not very well protected (unmaintained, unpatched full of viruses) so the attacks can come from China but could simply be a redirection from anywhere in the world.
- Since it is very likely that some Chinese hold a grudge against any who is complaining about their policy in Tibet, we could see some local geek head taking side with the establishment : http://www.bbc.co.uk/blogs/technology/2008/03/tibet_the_cyber_wars.html.
- I find a little offensive to see Chinese based “cyber warriors” using plain English to carry social engineering (http://en.wikipedia.org/wiki/Social_engineering_(security)) attack against Tibetan groups. Should I remind my reader that Tibetans have their own language and script: http://en.wikipedia.org/wiki/Tibetan_script. Would it be more efficient to use the local language ?
The scary part.
- Using wide bot-nets of viruses infected computer is normally the trademark of organized crime. Am I alone to be scare to the thought of the organized crime taking side of crypto-fascist / rogue states like China or Sudan ? Whatever alliance using bot nets to carry politically motivated action worries me a lot.
- NGOs and non-profit, take this on my word, are easy target. Even the big international ones have very little savvyness for computer security and for anything related to IT. Local offices are probably even more vulnerable. Everyday I see a lot of uninformed people taking very uninformed decision about their IT system, most definitively a fertile ground for anyone who wants to get inside the systems using good faith.
- Once someone got the idea of using viruses and malware to attack human rights association, then it will happens, people will try it, the not so good guys, the bad one and anything in between. At the end it will disrupt communication and whoever wish to spread misfortune against civil society organization will win
Post a Comment