U.S. Chamber Of Commerce Hit By Chinese Cyberspies

  /     /     /  
Publicated : 22/11/2024   Category : security


U.S. Chamber Of Commerce Hit By Chinese Cyberspies


Targeted attack against the nations business lobbying organization zeroed in on Asian policy intelligence, according to The Wall Street Journal



The latest casualty in Chinas alleged cyberespionage campaign against U.S. interests? The U.S. Chamber of Commerce.
Information on the Chambers 3 million members representing most of the top companies in the U.S. was potentially exposed in a targeted attack that might have been in operation for more than a year and was eventually halted by the Chamber in May 2010, according to
a report today in
The Wall Street Journal
.
The Chamber poses an attractive target for spies with its corporate membership representing U.S. business interests, so its no surprise it would be in the bulls eye of so-called advanced persistent threat (APT) actors, security experts say.
It doesnt surprise me at all, says Jeff Schmidt, founder and CEO of JAS Global Advisors. Its an amalgamation of American businesses: What better place [for these attackers] to go than the U.S. Chamber?
What was most striking about this attack was evidence that the perpetrators specifically went after four employees of the lobbying organization who work on Asia policy, pilfering six weeks worth of their emails. The six-month long campaign involved some 300 IP addresses and compromised email of close to 50 members, who were told about the breach. Among the information exposed in the emails were trade policy documents, meeting notes, trip reports, schedules, and the names of members who are in contact with the Chamber, according to the article.
The Chambers Asian group, among other things, helps U.S. businesses conduct business in China and Hong Kong. That would be incredibly valuable information from a strategic perspective, says Anthony Bargar, executive vice president of cybersecurity solutions for Foreground Security. Its not only what data was stolen [here], but we should not discount what [may have been] manipulated to steer companies into China.
And its unclear whether the attackers were truly government agents or possibly Chinese businesses going after potential competitors, he says.
The FBI reportedly informed the Chamber that servers based in China were stealing data from the organization, and U.S. officials say the attacks were waged by a group with ties to the Chinese government. The attackers might have been inside the network for more than a year, according to the report. Chinese officials denied any wrongdoing, stating that cyberattacks are illegal in China and that its country is a victim of such attacks.
[Security consultants and the feds are tracking a dozen groups responsible for advanced threats -- all out of China. See
Dastardly Dozen: A Few APT Groups Carry Out Most Attacks
.]
Given the number of potential victims affected by the Chamber hack, what was surprising was that word of the attack didnt leak publicly until now, experts say. APT-type attacks such as this one are characteristically stealthy and unrelenting, often going on for long periods of time before the victims discover them, if at all.
The Chambers attackers appear to have infiltrated its network starting at the latest in November 2009, according to the report. Like a typical APT, they took pains to hide their tracks and set up multiple backdoors with which to come and go and regularly siphon information to their computers in China. The attack was shut down after the Chamber shut down and destroyed some of its computers and then did a major security makeover.
David Chavern, chief operating officer of the Chamber, told The Journal that the attack appeared to be highly sophisticated. What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence, he said. Even so, the Chamber says there has been no sign of any fallout or damage to the lobbying organization or its membership.
Joe Gottlieb, president and CEO of Sensage, says the attack demonstrates how these types of attackers are becoming more sophisticated. This attack demonstrated a new level of sophistication in numerous dimensions. The hackers were able to choose the targeted organization -- the U.S. Chamber of Commerce. They were able to choose the people within that organization that mattered to them -- the individuals known to be working on Asia policy, he says. They were able to obtain all email content, including attachments, exchanged between these individuals and other organizations, several of which must have been relevant to the matters of interest.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
U.S. Chamber Of Commerce Hit By Chinese Cyberspies