Risk
6/15/2011
12:12 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

U.S. Grills China About Cyber Attacks

Chinese IP addresses have been implicated in numerous, recent distributed denial of service attacks, which top State Department officials see as a human rights issue.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters
In another sign that the United States government is concerned with the threat of cyber attacks originating from China, a top State Department official recently raised the case of a hacked U.S. political site directly with the Chinese Ministry of Foreign Affairs, according to a letter released by the political group Change.org.

The site, which offers tools for online political campaigns, began to be victimized by distributed denial of service (DDOS) attacks in mid April, soon after it carried a petition for China to release Chinese artist Ai Weiwi, who helped design the centerpiece of the 2008 Summer Olympics, the "Bird's Nest" National Stadium, and who was imprisoned earlier this year in the midst of a Chinese crackdown on political dissent.

The attacks raised the ire of congressional leadership, as both House minority leader Nancy Pelosi, D-Calif., and Rep. Rosa DeLauro, D-Conn., condemned the attacks and called on the State Department to take action and bring the hackers to justice.

In response, the State Department not only condemned DDOS attacks, like the one Change.org experienced, that are "designed to stifle free speech on the net," but also raised the issue directly with the Chinese Ministry of Foreign Affairs in late April, according to a letter from the State Department to Rep. DeLauro that was released by Change.org. The letter indicates that deputy assistant secretary of state Dan Baker raised the issue of the attack with the Chinese government during a dialogue on human rights.

"The Department will continue to press China on the importance of an open and unrestricted Internet," says the letter, written by acting assistant secretary of state for legislative affairs Joseph Macmanus. "As part of the State Department's Internet freedom initiative, we support efforts to protect groups and individuals from such attacks."

The attack is only one of a number of recent attacks said to originate from China. Google in late May announced that hundreds of its Gmail users, including senior U.S. officials, had been the targets of a spear-phishing campaign that originated in China. A February attack on the G-20 was similarly traced to Chinese IP addresses, and China has also been reportedly eyed in recent attacks on the International Monetary Fund. Leaked State Department cables indicate that the Chinese have been attacking U.S. government agencies and companies since at least 2002.

What industry can teach government about IT innovation and efficiency. Also in the new, all-digital issue of InformationWeek Government: Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0714
Published: 2015-05-02
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595.

CVE-2014-3598
Published: 2015-05-01
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.

CVE-2014-8361
Published: 2015-05-01
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request.

CVE-2015-0237
Published: 2015-05-01
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.

CVE-2015-0257
Published: 2015-05-01
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.