
Global articles on espionage, spying, bugs, and other interesting topics.

Keep abreast of the espionage threats facing your organisation.

Cyber attacks: from hacktivism to espionage

BANGALORE, INDIA: The recent spate of cyber attacks has raised questions about the security of government and corporate computer systems, and the ability of law enforcement to track down hackers.

Here’s a breakdown of the different types of cyber assaults, from “hacktivists” to serious criminals.

DISSIDENT HACKERS SEEKING MAXIMUM PUBLICITY

The Lulz Security and Anonymous groups have broken into computer servers to steal data that they publish on the Internet to embarrass their targets. Examples of this include LulzSec hacking into Fox TV’s “X Factor” contestant database, or breaking into FBI affiliate InfraGard and publishing its user base.

So-called hacktivists also use distributed denial of service (DDOS) attacks, in which they get supporters to crash the websites of their targets by overwhelming the servers with traffic. The Anonymous group launched DDOS attacks against Visa and MasterCard because the group thought the companies were hostile to Wikileaks and its founder Julian Assange.

CYBER ATTACKS FOR FINANCIAL GAIN

These attacks primarily aim to obtain financial information, such as payment card data or bank account details. Perpetrators tend to keep their attacks secret because the data is more valuable if victims do not know it has been stolen.

Citigroup disclosed that unknown hackers in May had stolen information from 360,083 credit card accounts in North America, in what was the most significant known direct assault on a financial institution.

These attacks can come from just about anywhere, although Western security experts have said that Russia and China deliberately turn a blind eye to this kind of activity from within their borders, provided it is not targeted domestically.

GOVERNMENT OR STATE-BACKED ATTACKS

Hacking by governments or state-sponsored groups is usually aimed at stealing classified information, such as military secrets or other prized data. Security experts have cited attacks on the International Monetary Fund and Google Inc’s email service as recent examples.

There is often finger-pointing at Russia and China after such attacks, although experts suspect other nations including the United States of using this technique more quietly.

There are also occasional suspected state-backed DDOS attacks, such as on Estonia and Georgia in 2007.

FROM VIRTUAL NETWORKS TO THE REAL WORLD

These are cyber attacks aimed at causing actual physical damage, such as by hacking into industrial computer controls to destroy military assets or public infrastructure.

The Stuxnet virus, which Iran has said was used to attack computers at its Bushehr nuclear reactor, is the only case so far that security experts widely agree fits into this category.

 


China’s Graduate Schools For Spies

June 30, 2011: During the last three years, China has opened eight National Intelligence Colleges in major universities. In effect, each of these is an “Espionage Department” at these universities, where, each year, about 300 carefully selected applicants are accepted, to be trained as spies and intelligence operatives. China has found that espionage is an enormously profitable way to steal military and commercial secrets. While Chinese Cyber War operations in this area get a lot of publicity, the more conventional spying brings in a lot of stuff that is not reachable on the Internet.

One indicator of this effort is the fact that American counter-intelligence efforts are snagging more Chinese spies. But this is largely due to increased spying effort by China, rather than more success by the FBI and CIA. This use of industrial espionage has played a large part in turning China into the mightiest industrial and military power on the planet.

For over two decades, China has been attempting to do what the Soviet Union never accomplished: steal Western technology, then use it to move ahead of the West. The Soviets lacked the many essential supporting industries found in the West (most founded and run by entrepreneurs), and were never able to get all the many pieces needed to match Western technical accomplishments. Soviet copies of American computers, for example, were crude, less reliable and less powerful. Same with their jet fighters, tanks and warships.

China gets around this by making it profitable for Western firms to set up factories in China, where Chinese managers and workers can be taught how to make things right. At the same time, China allows thousands of their best students to go to the United States to study. While most of these students will stay in America, where there are better jobs and more opportunities, some will come back to China, and bring American business and technical skills with them. Finally, China energetically uses the “thousand grains of sand” approach to espionage. This involves China trying to get all Chinese going overseas, and those of Chinese ancestry living outside the motherland, to spy for China, if only a tiny bit.

This approach to espionage is nothing new. Other nations have used similar systems for centuries. What is unusual is the scale of the Chinese effort. Backing it all up is a Chinese intelligence bureaucracy back home that is huge, with nearly 100,000 people working just to keep track of the many Chinese overseas, and what they could, or should, be trying to grab for the motherland. This is where many of the graduates of the National Intelligence College program will work.

It begins when Chinese intelligence officials examine who is going overseas, and for what purpose. Chinese citizens cannot leave the country, legally, without the state security organizations being notified. The intel people are not being asked to give permission. They are being alerted in case they want to have a talk with students, tourists or business people before they leave the country. Interviews are often held when these people come back as well.

Those who might be coming in contact with useful information are asked to remember what they saw, or bring back souvenirs. Over 100,000 Chinese students go off to foreign universities each year. Even more go abroad as tourists or on business. Most of these people were not asked to actually act as spies, but simply to share, with Chinese government officials (who are not always identified as intelligence personnel), whatever information they obtained. The more ambitious of these people are getting caught and prosecuted. But the majority, who are quite casual, and, individually, bring back relatively little, are almost impossible to catch.

Like the Russians, the Chinese are also employing the traditional methods, using people with diplomatic immunity to recruit spies, and offering cash, or whatever, to get people to sell them information. This is still effective, and when combined with the “thousand grains of sand” methods, brings in lots of secrets. The final ingredient is a shadowy venture capital operation, sometimes called Project 863, that offers money for Chinese entrepreneurs who will turn the stolen technology into something real. No questions asked. If you can get back to China with the secrets, you are home free and potentially very rich.

But there are some legal problems. When the Chinese steal some technology, and produce something that the Western victims can prove was stolen (via patents and prior use of the technology), legal action can make it impossible, or very difficult, to sell anything using the stolen tech, outside of China. For that reason, the Chinese like to steal military technology. This kind of stuff rarely leaves China. And in some cases, like manufacturing technology, there’s an advantage to not selling it outside of China. Because China is still a communist dictatorship, the courts do as they are told, and they are rarely told to honor foreign patent claims.


Australian denies spying for Hamas

By Lexi Metherell

Updated June 28, 2011 20:31:00


Charged: Eyad Abuarga in court (AFP)

An Australian citizen has faced an Israeli court charged with spying for Hamas, the Islamist group which rules the Gaza Strip.

Eyad Abuarga was arrested along with his wife when he arrived at Tel Aviv airport in March, and has been in custody ever since.

Israeli intelligence officials allege the electronics engineer was recruited by Hamas while living in Saudi Arabia, and received weapons training in Syria before making a trip to Israel.

They accuse him of trying to enter Israel on his Australian passport in order to conduct spy operations.

Hamas is banned in Israel.

In court, the 46-year-old said he was an innocent Australian tourist and denied ever having trained in Syria.

A detailed indictment alleges he had links to the Palestinian struggle since the 1980s, but that from around 2007, he began attending a number of secretive meetings with Hamas members.

The indictment also claims he was asked to help with encoding, that he supplied photographic equipment which could find and guide missiles, and that he trained with Hamas in Syria.

“The accused was taken to a room with prayer rugs where he met four others,” the indictment says.

“After a while they went out and began to train, shooting a pistol and a rifle at different targets. After they finished he was driven back to Damascus. He was blindfolded some of the way.”

The indictment is so detailed as to describe the colours of the car he travelled in and the blindfold he was given.

His lawyer, Leah Tzemel, told AM all the evidence comes from interviews with her client which has not been corroborated with outside sources.

Abuarga is a Palestinian refugee who grew up on the Arabian Gulf but later moved to Australia and became an Australian citizen.

As he waited for the hearing to begin, Abuarga told the media at the court near Tel Aviv he had never trained in Syria.

“I’d like to say loud and clear that I’m not a member of Hamas, never was and never will, or any other group,” he said.

Abuarga had been living in Saudi Arabia, until he was arrested on arrival at Ben Gurion Airport earlier this year.

He says he was visiting Israel for a holiday.

“I am an Australian tourist, who came to this country with my wife to celebrate our 25th anniversary of our marriage, and ended up in jail,” he said.

Abuarga’s wife and children have now returned to Australia.

He told the media he had been treated well while in jail.

But his lawyer says if an acceptable plea bargain is not reached, she will release more information about the facts of his interrogation.

The matter has been adjourned for a fortnight.

Meanwhile, the Federal Government says consular officials have been providing extensive help to Abuarga.

A spokeswoman for the Department of Foreign Affairs says officials have visited the man in prison seven times and have also provided extensive help to his family.


Egyptian court sentences 3 men convicted of spying for Israel

Ilan Grapel, a U.S.-Israeli citizen arrested June 12 on suspicion of spying, is pictured on Egyptian newspapers dated June 13.

Cairo, Egypt (CNN) — An Egyptian court on Thursday sentenced three men — an Egyptian and two Israeli nationals — to 25 years in prison for spying for Israel.

Tarek Abdel-Razek Hussain Hassan, 37, the Egyptian owner of an import-export firm, was arrested in August. The Supreme State Security Court’s criminal department tried the two Israelis in absentia.

Israeli Ambassador Yitzhak Levanon said he had no comment on the case.

Officials charged the three with spying for Israel and harming Egypt’s national interests after Hassan tried to recruit Egyptians working in the telecommunications industry to spy for Israel.

Hassan received $37,000 to recruit Egyptians who could spy in Egypt, Syria and Lebanon for the Mossad, the Israeli intelligence agency.

According to the charges, the spy ring began in May 2008, when Hassan met abroad with the two Israelis.

Hassan is the first person convicted of spying for Israel since Egypt’s January 25 revolution, which resulted in the ouster of President Hosni Mubarak.

“This case sends two messages, one to Egyptians and another to Israel,” said Abdel Aleem Mohamed, senior researcher of Israel Studies at the Ahram Center for Political and Strategic Studies in Cairo. “To Egyptians, the way they deal with Israel will be different and that national security issues will be dealt with severely. To Israel, they are sending a message that the system has changed from the days of Mubarak.”

The case closes as another begins. Ilan Grapel, a 27-year-old dual U.S.-Israeli citizen, was arrested June 12 on suspicion of spying. Israel denies he is a spy.

Mohamed predicted none of the cases would dramatically affect relations between the countries.

“This situation won’t affect Egypt-Israel ties because Egypt is free to punish whoever compromises the country’s security,” Mohamed said. “Israel would do the same to an Egyptian spy. Spying is what countries do.”


German firm’s managers keep phones in biscuit tins

BERLIN – A German chemicals company said Monday its managers have started keeping their mobile phones in biscuit tins during meetings in order to guard against industrial espionage.

“Experts have told us that mobile phones are being eavesdropped on more and more, even when they are switched off,” Alexandra Boy, spokeswoman for Essen-based speciality chemicals maker Evonik, told AFP.

“The measure applies mostly when sensitive issues are being discussed, for the most part in research and development,” she said, confirming a report in business weekly Wirtschaftswoche.

Biscuit tins have a so-called Faraday cage effect, she said, blocking out electromagnetic radiation and therefore stopping people hacking into mobile phones, not only for calls but also to get hold of emails.

The firm, with 34,000 employees and sales of 13 billion euros (S$22.8 billion), is not alone in wanting to defend itself against what experts warn are increasingly sophisticated methods of industrial espionage.

This month the German government opened a new national centre in Bonn to coordinate efforts not only to protect firms from espionage but also state infrastructure from cyber attacks.