The sky isn't falling, but take an umbrella

William Jackson

After the April 1 collision between a Navy surveillance plane and a Chinese fighter, hundreds of Chinese Web sites were defaced to protest China's detaining the U.S. crew.

Chinese hackers retaliated with widespread attacks against U.S. cybertargets last month.

Riptech Inc. of Alexandria, Va., which does security monitoring, reviewed data logs of hundreds of customers for the first two days of May and found a sharp spike in pings from Chinese sources.

Commercial sites, which make up most of Riptech's customer base, had a 300 percent increase in probes and scans. U.S. government sites saw a whopping 450 percent increase.

From May 1 through May 7, the site recorded at least 77 apparently pro-China Web defacements, 13 of them on .gov and .mil sites.

'To date, it has been a less-than-sophisticated attack,' Riptech chief executive officer Amit Yoran said. 'It's more what I would call political hack-tivism,' not cyberterrorism.

Yoran advised systems administrators not to panic - yet. Given adequate security management and up-to-date patches, he said, 'the level of risk is not tremendously increased.'

More alarming is Moonlight Maze, a 3-year-old effort to penetrate unclassified Pentagon networks. According to numerous published reports, someone (evidence points to Russia, although apparently no one knows for sure) planted malicious code in U.S. military systems and has been using back doors to prowl them since 1998. So far, the Pentagon has been unable to identify or stop the prowlers.

If Moonlight Maze is the electronic Pearl Harbor that security experts have predicted, the attackers have been quietly taking the ship apart from the inside, one screw at a time, instead of bombing it.

Consulting firm iDefense Inc. of Fairfax, Va., has said there is a risk China might be using hack-tivism as a diversion to mask a quiet, structured attack. In a country that controls the Internet as tightly as China does, hacks are unlikely to originate without the government's knowledge, according to iDefense.

'I think it's almost inevitable that we are headed for cyberwarfare and cyberterrorism,' Yoran said. 'It's just a matter of how severe it is going to be.'

