China exposed as source of cyber-attacks

An apparent slip-up by producers on a Chinese TV programme confirms that the country’s military is using automated intellectual property (IP) hacking to attack Western computer systems.

Sep 1, 2011
By Paul Jacques
Assistant Chief Constable Ben Smith

An apparent slip-up by producers on a Chinese TV programme confirms that the country’s military is using automated intellectual property (IP) hacking to attack Western computer systems.

According to Steve Watts, co-founder of the tokenless two-factor authentication specialist SecurEnvoy, while Western governments have engaged in finger-pointing at China over government and allied agency server attacks for several years, the Chinese government has always vehemently denied the claims.

“It’s therefore kind of ironic that the evidence for Chinese government-driven cyber-attacks – and automated attacks at that – should come from a Chinese military TV programme, detailed on the Epoch Times newswire, which shows a hacker utility application with legends such as ‘select attack target’,” he said.

He warns that IT security managers in Western government and allied agency computer systems – as well other organisations on both sides of the public/ private sector divide – need to plan ahead and counter these advanced attack vectors.

The solution, said Mr Watts, is to use a multi-layered IT security strategy that uses a variety of encryption and other authentication systems to protect the data.

Some of this information can be useful for military intelligence, but the majority, he added, is almost invariably useful in other areas, especially where IP is involved. And since IP is becoming the de-facto currency of choice amongst hackers of all types, it stands to reason that defending IP should become a high priority.

“Our observations suggest that it is no longer possible to develop an IT resource that is completely resilient against an external cyber-attack, but the use of authentication as a means of enhancing other credential-enabled data security is a useful additional weapon in the ongoing battle against hackers,” he said.

Cybercrime investigators and computer forensic specialists from 21 countries took part in the first Interpol cybercrime summer school training course last month, organised with the University College Dublin (UCD).

The two-week programme was designed to develop theoretical and practical knowledge and skills across a range of areas to assist investigators in conducting more effective cybercrime investigations, including: disk imaging, live data forensics, mobile phone forensics, money laundering investigation, search and seizure techniques, voice over Internet protocol (VoIP) and wireless investigations, and malware detection and analysis.

“In order to effectively fight cybercrime it is important that law enforcement work with academia and the private sector which is why this course, the first co-organised by Interpol with the UCD, is important,” said Jaime Ansieta, assistant director of Interpol’s Financial and High-Tech Crime unit.

“The joint law enforcement and academia training programme is a key element in providing exactly what law enforcement cybercrime investigators need.”

Related News

Select Vacancies

Chief Superintendent

Police Scotland

Detective transferees

Durham Constabulary

Copyright © 2022 Police Professional