CYBER EYE

The sky isn't falling, but take an umbrella

William Jackson

After the April 1 collision between a Navy surveillance plane and a Chinese fighter, hundreds of Chinese Web sites were defaced to protest China's detaining the U.S. crew.

Chinese hackers retaliated with widespread attacks against U.S. cybertargets last month.

Riptech Inc. of Alexandria, Va., which does security monitoring, reviewed data logs of hundreds of customers for the first two days of May and found a sharp spike in pings from Chinese sources.

Commercial sites, which make up most of Riptech's customer base, had a 300 percent increase in probes and scans. U.S. government sites saw a whopping 450 percent increase.

From May 1 through May 7, the Attrition.org site recorded at least 77 apparently pro-China Web defacements, 13 of them on .gov and .mil sites.

'To date, it has been a less-than-sophisticated attack,' Riptech chief executive officer Amit Yoran said. 'It's more what I would call political hack-tivism,' not cyberterrorism.

Yoran advised systems administrators not to panic - yet. Given adequate security management and up-to-date patches, he said, 'the level of risk is not tremendously increased.'

More alarming is Moonlight Maze, a 3-year-old effort to penetrate unclassified Pentagon networks. According to numerous published reports, someone (evidence points to Russia, although apparently no one knows for sure) planted malicious code in U.S. military systems and has been using back doors to prowl them since 1998. So far, the Pentagon has been unable to identify or stop the prowlers.

If Moonlight Maze is the electronic Pearl Harbor that security experts have predicted, the attackers have been quietly taking the ship apart from the inside, one screw at a time, instead of bombing it.

Consulting firm iDefense Inc. of Fairfax, Va., has said there is a risk China might be using hack-tivism as a diversion to mask a quiet, structured attack. In a country that controls the Internet as tightly as China does, hacks are unlikely to originate without the government's knowledge, according to iDefense.

'I think it's almost inevitable that we are headed for cyberwarfare and cyberterrorism,' Yoran said. 'It's just a matter of how severe it is going to be.'
