Posing as journalists, a Chinese hacker group infiltrated the organization with a series of credible sounding spam emails.
In most cases, a journalist isn’t the first person that comes to mind when trying to keep information secret. But most people wouldn’t immediately consider a press inquiry from Bloomberg News a high-risk for spyware. In November 2010, a group of Chinese hackers used this auspice of neutrality to hack into the networks of the US Chamber of Commerce, Businessweek reported this week.
With an email addressed to lobbyists and executives, the hackers assumed the digital identity of an actual political reporter from Bloomberg and made a bogus inquiry on how much the officials earned on Capitol Hill. The fictitious story alone was harmless, but the email attachment contained spyware which stole corresopondence, confidential documents and other information.
"What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence," David Chavern, the Chamber's chief operating officer, told the Wall Street Journal.
Reports vary on how long the hackers were in the system, but evidence suggests that the pirated access lasted months. The group allegedly carried on unabated until the Federal Bureau of Investigation informed the Chamber that Chinese servers were stealing its information, an unnamed source told the Wall Street Journal. As the country’s top business-lobbying group, the Chamber was a prime target for the hackers, who isolated the documents of four employees responsible for Asian policy.
With long-term access to a system, hackers often implement measures to cover their tracks. In order to short-circuit the cyber attacks, the Chamber destroyed some of its computers and revamped its security protocols over a weekend when the hackers, who were thought to have normal working hours, would be off duty. "It's nearly impossible to keep people out. The best thing you can do is have something that tells you when they get in," Chavern told the Wall Street Journal. "It's the new normal. I expect this to continue for the foreseeable future. I expect to be surprised again."
A representative from the Chinese Embassy in Washington, Geng Schuang, told the Wall Street Journal that China is itself a victim of cyber attacks and claims that the allegation “lacks proof and evidence and is irresponsible.” But the Chamber reports that something still seems to be amiss. In a townhouse the chamber owns on Capitol Hill, a thermostat was exchanging information with an IP address in China at one point, and an executive’s printer began spouting out pages of Chinese characters in March. A glitch in the system, or a ghost in the machine?
By mail.com Editor Will Cade