Tuesday, April 20, 2010

NYTimes, ABC News, Richard Clarke point to hazards that hostile foreign governments (China) pose to US corporate networks; a coming cyber war?

I don’t like to bite the hand that feeds me, but for completeness’ sake, it’s important to give reference to a New York Times story by Jeff Markoff, reproduced on MSNBC, about the recent problems at Google, with link here.

The issue concerns the Gaia sign-on system at Google, which is described in the article in detail. The story refers to a compromise that occurred in December 2009, apparently related to China, as reported in the media at the time.

The article explains the attack in December as having started “with an instant message sent to a Google employee in China who was using Microsoft’s Messenger program”, followed by an associate’s clicking on a link and connecting to an unsafe Web site, with the employee inadvertently permitting the intruders to gain access to his (or her) work computer. It’s generally much harder to gain access to computers in a secure network in a corporation or government without a very skilled attacker (but the FTC and several government agencies were attacked in mid-2008).

Occasionally, Webroot Spysweeper, Kaspersky and McAfee will warn me that a website is dangerous (McAfee has Site Advisor; another similar service is Web of Trust). Webroot will warn of a site associated with spyware. But on one occasion Webroot warned me that a website located by a search engine was trying to load a fake antivirus software similar to the “Gray Lady” virus. A virus scan found four closely related Trojans that were quarantined. A few years ago, people were trying to put links to fake antivirus sites in comments on Blogger.

Richard Clarke appeared on Good Morning America on April 20 and discussed the New York Times article. He discussed his new book “Cyber War: The Next Threat to National Security and What to Do About It”, from Ecco, which I ordered from Amazon this morning. He said that the biggest threat comes from hostile governments, especially China, maybe North Korea or Iran, rather than from teenage hackers. He said that a foreign government could enslave ordinary PCs and launch attacks against critical infrastructure – although that begs the question as to why the power grid is connected to the public Internet in the first place.

The link at ABC News to George Stephanopoulos’s interview with Richard Clarke today is here.

Both articles are very detailed and should be studied carefully.

Picture (unrelated): Credit card capital Wilmington DE from Amtrak.
