	Generational Dynamics
	Forecasting America's Destiny ... and the World's

\| HOME \| WEB LOG \| COUNTRY WIKI \| COMMENT \| FORUM \| DOWNLOADS \| ABOUT \|

Generational Dynamics Web Log for 15-Jan-2010
15-Jan-10 News - China uses 'Spear Phishing' to attack American corporations.

Web Log - January, 2010

15-Jan-10 News - China uses 'Spear Phishing' to attack American corporations.

Pressure builds to send American forces to Yemen.

Google accuses China of 'Spear Phishing' attack on American corporations

Google's announcement that it will no longer censor web sites in China, and will close its offices in China if necessary, has drawn worldwide comment. The announcement was precipated by a discovery that Chinese hackers were hacking into the corporate data of Google, Adobe, and 20 other (so far unidentified) corporations, and also were hacking into Google's Gmail.

InformationWeek's Dark Reading newsletter reports that the Chinese hackers used a "Spear Phishing" attack to gain control of corporate computers.

"Phishing" has been around for years. The hacker sends e-mail messages to millions of users saying, "Open the attached file for pictures of beautiful nude women." Opening the file launches an application that takes control of the computer and turns it into a zombie that can capture passwords, bank numbers, and so forth, and send them back to the central "Command and Control" computer of the hackers. Only a tiny percentage of the users open the file, but that gives the hackers control of thousands of computers.

Spear phishing is a refinement that's extremely sophisticated and highly targeted. The hackers find out the name of your employer, your boss, your girlfriend, or whatever, and then send you an e-mail message, making it appear that it's from one of them. Once again, it asks you to open an attached file that takes control of your computer.

According to the newsletter, "The wave of targeted attacks from China on Google, Adobe, and more than 20 other U.S. companies, which has led the search giant to consider closing its doors in China and no longer censor search results there, began with end users at the victim organizations getting duped by convincing spear-phishing messages with poisoned attachments. Google and Adobe both revealed last night that they were hit by these attacks, which appear to be aimed mainly at stealing intellectual property, including source code from the victim companies, security experts say."

The Chinese hackers obtained intelligence information about people in each of the 20+ corporations. Where did they get that information? There are two possibilities, according to the article.

The first possibility is that the hackers did their own research, using the internet. The second possibility is that the data was collected by engineers intercepting data that crosses routers, controlled by China, that carry internet traffic in and out of China.

"One source close to the investigation says this brand of targeted attack has actually been going on for about three years against U.S. companies and government agencies, involving some 10 different groups in China consisting of some 150,000 trained cyber-attackers," according to the article.

Spear-phishing attacks are becoming increasingly common, not only by Chinese attackers, but by hackers around the world. It's used to capture personal information, including bank and credit card numbers, used for identity theft.

As a computer industry professional, I try to keep reasonably up to date on various security threats that are going on, and I have to tell you that I'm finding it increasingly frightening. The types of exploits that malicious hackers are using is growing, and anyone can be victimized. I consider myself to be in the 99.9th percentile of vigilance about potential hackers, but some people may remember that this web site was hacked about a year ago. Fortunately, I've written all the web site code that runs this web site, so I was able to identify the problem and correct it fairly quickly. Still it illustrates the fact that the attacks are becoming so sophisticated that anyone's home computer, business computer or web site server could be victimized.

One thing that surprised me recently is that even PDF files can be exploited. Most people know that EXE files, DOC files and Excel files can contain malware that attacks computers, but PDF files were thought to be safe until now. Last week, Adobe Systems put up a patched version of Adobe Reader, the program that reads PDF files. You should make sure that you have the latest version of this program installed, so that you'll be safe from these attacks. (See Adobe web site.) (Paragraph corrected - 15-Jan-10)

The Microsoft web site contains some additional tips and information about avoiding spear-phishing attacks on your computer.

Cyberwar between Iran and China

The larger picture is that there's a worldwide cyberwar going on.

Iranian Cyber Army's screen says "This site has been hacked by the Iranian Cyber Army." It appeared on the hacked Baidu.com web site

Iranian Cyber Army's screen says "This site has been hacked by the Iranian Cyber Army." It appeared on the hacked Baidu.com web site

The National Post that China and Iran are two of the major belligerents, hacking each other's web sites.

And as I've said many times (see, for example, "China 'betrays' Iran, as internal problems in both countries mount"), when all is said and done, I expect Iran to be on the side of America and the West, including Israel, when forced to make a choice in the coming Clash of Civilizations world war. This cyberwar between Iran and China appears to be an early skirmish.

Bad harvest pushes India's food prices up 20%

Thanks to a fairly weak monsoon season, harvests have been down in India, resulting in food prices that have increased by almost 20% in the last year.

The Hindu reports that the government in New Delhi is putting emergency measures into effect to try to curb soaring prices. These measures include removing duties on imported white sugar, and making hundreds of millions of pounds of wheat and rice available on the open market at low prices.

Pressure grows to send American military to Yemen

The Asian Times reports that US Senate Armed Services committee chairman Carl Levin is advocating further American military intervention in Yemen, including unmanned aerial drones, clandestine actions and air strikes.

Military analyst Brian M. Downing gives the following reasons why there's pressure for further American military intervention in Yemen:

The Saudi and Yemen branches of al-Qaeda have merged to form Al-Qaeda in the Arabian Peninsula (AQAP), headquartered in Yemen.

Furthermore, the Taliban in Afghanistan and Pakistan have been distancing themselves from al-Qaeda, and al-Qaeda fighters from there have been traveling to Yemen to join AQAP.

AQAP is linked to the attempted Christmas bombing of a jetliner over Detroit, and is also linked to the Fort Hood shootings.

Yemen is strategically important, close to oil fields and shipping lanes.

Yemen's government is fighting al-Qaeda's forces in the south. Also, Saudi Arabia and Yemen are jointing fighting Shia Houthi rebels in the northwest, and these rebels are allied with Iran.

There is widespread fear that Yemen's government will collapse.

From the point of view of Generational Dynamics, a major component of the coming world war will be a war between Sunni and Shia Muslims. With Iran and Saudi Arabia supporting opposite sides of the conflict in Yemen, things could spiral into something more serious at any time.

(Comments: For reader comments, questions and discussion, see the 15-Jan-10 News - China uses 'Spear Phishing' to attack American corporations. thread of the Generational Dynamics forum. Comments may be posted anonymously.) (15-Jan-2010) Permanent Link
Receive daily World View columns by e-mail
Donate to Generational Dynamics via PayPal

Web Log Pages