Finjan warns companies as China prepares for cyber-espionage
October 2009 by Finjan
A report commissioned by a US Congressional advisory panel monitoring the security implications of trading with China has warned that China has started spying on the US government and major companies.
And, says Finjan, the business Internet security specialist, now is the time for companies to start beefing up their IT security defences to stop them falling victim to what appears to be a rash of impending cyber-espionage from the Far East.
" Many cyber attacks and hacker incursions originated from China have been implicated in into Western IT systems in recent years. Obviously it’s hard to prove beyond a shadow of a doubt that the government there is involved in these attacks, however according to the report it’s quite likely that government is active in this domain," said Yuval-Ben Itzhak, Finjan’s chief technology officer.
"It’s against this backdrop that we’ve been conducting investigations into Chinese attacks on Western public and private-sector IT systems for some time," he added.
According to the Finjan CTO, his company’s malicious code research centre (MCRC) conducted in in-depth study into the rising volume of attacks emanating from China and reported that there were some very sophisticated attacks taking place.
In the study (http://tinyurl.com/yfsfdzu), he explained, Finjan’s research team found at least one set of attacks coming from a server group that belongs to a Chinese government office.
Researchers, he said, discovered that some sites in the network lead to Trojan sites that exploit the users’ Web browser software by downloading the Trojan and installing it on the user desktop.
Once the users’ PC has been infected, he went on to say, the Trojan then starts to send data to other Web sites on the Internet-connected network.
Additional sites in the network, meanwhile, were found to monitor and control the attack using statistics as to how many users visit the site and how many got infected.
"And that was two years ago, so you can imagine that the Chinese hacker attack groups - regardless of who they are affiliated to – have increased in their level of technology sophistication, so this report serves as a clear warning to companies of the need to review and enhance their IT security defences," he said.
“Tools and products to fights against the increasing cybercrime from China are available for US Businesses and individuals. The reason many businesses are becoming victims to these attacks is the lack of knowledge and the false believe that their existing Firewalls and Anti-virus can do the job for them. Although that was the case 10-5 years ago, since cyber criminals introduced new attack techniques Firewall and Anti-virus are not enough to stop today’s cyber attacks.”