Feds Shared Chinese Hacker Data With Service Providers
FBI and Homeland Security temporarily slowed attacks by giving U.S. service providers info on Chinese hackers' command-and-control infrastructure
The FBI and Department of Homeland Security (DHS) in February supplied hundreds of IP addresses of suspected Chinese command-and-control (C&C) servers to U.S. service providers.
That intelligence sharing, first reported by The Wall Street Journal, was meant to counter rampant cyber spying by China by allowing service providers to block the IP addresses, according to unnamed U.S. officials. Compromised PCs in the United States would have contacted the IP addresses to receive instructions from attackers, or to relay sensitive data to Chinese spies.
But any gains from the threat-intelligence sharing were short lived, with attackers quickly retooling and launching attacks using new infrastructure. "Part of the problem is we can close this door and it's fairly easy for them to open another door," a U.S. official told the Journal....