12:12 PM
Connect Directly

U.S. Grills China About Cyber Attacks

Chinese IP addresses have been implicated in numerous, recent distributed denial of service attacks, which top State Department officials see as a human rights issue.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters
In another sign that the United States government is concerned with the threat of cyber attacks originating from China, a top State Department official recently raised the case of a hacked U.S. political site directly with the Chinese Ministry of Foreign Affairs, according to a letter released by the political group Change.org.

The site, which offers tools for online political campaigns, began to be victimized by distributed denial of service (DDOS) attacks in mid April, soon after it carried a petition for China to release Chinese artist Ai Weiwi, who helped design the centerpiece of the 2008 Summer Olympics, the "Bird's Nest" National Stadium, and who was imprisoned earlier this year in the midst of a Chinese crackdown on political dissent.

The attacks raised the ire of congressional leadership, as both House minority leader Nancy Pelosi, D-Calif., and Rep. Rosa DeLauro, D-Conn., condemned the attacks and called on the State Department to take action and bring the hackers to justice.

In response, the State Department not only condemned DDOS attacks, like the one Change.org experienced, that are "designed to stifle free speech on the net," but also raised the issue directly with the Chinese Ministry of Foreign Affairs in late April, according to a letter from the State Department to Rep. DeLauro that was released by Change.org. The letter indicates that deputy assistant secretary of state Dan Baker raised the issue of the attack with the Chinese government during a dialogue on human rights.

"The Department will continue to press China on the importance of an open and unrestricted Internet," says the letter, written by acting assistant secretary of state for legislative affairs Joseph Macmanus. "As part of the State Department's Internet freedom initiative, we support efforts to protect groups and individuals from such attacks."

The attack is only one of a number of recent attacks said to originate from China. Google in late May announced that hundreds of its Gmail users, including senior U.S. officials, had been the targets of a spear-phishing campaign that originated in China. A February attack on the G-20 was similarly traced to Chinese IP addresses, and China has also been reportedly eyed in recent attacks on the International Monetary Fund. Leaked State Department cables indicate that the Chinese have been attacking U.S. government agencies and companies since at least 2002.

What industry can teach government about IT innovation and efficiency. Also in the new, all-digital issue of InformationWeek Government: Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Who Does What in Cybersecurity at the C-Level
Steve Zurier, Freelance Writer,  3/16/2018
New 'Mac-A-Mal' Tool Automates Mac Malware Hunting & Analysis
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/14/2018
IoT Product Safety: If It Appears Too Good to Be True, It Probably Is
Pat Osborne, Principal - Executive Consultant at Outhaul Consulting, LLC, & Cybersecurity Advisor for the Security Innovation Center,  3/12/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.