Computer hackers traced to China carried out an advanced cyber espionage attack against one of America’s most elite foreign policy web groups – the website of the Council on Foreign Relations (CFR).
According to private computer-security forensic specialists, the hacking incident involved a relatively new type of ploy called a “drive-by” website cyber attack that was detected around 2:00 p.m. on Wednesday.
The specialists, who spoke on condition of anonymity, said the attack involved penetrating the computer server that operates the New York City-based CFR’s website and then using the pirated computer system to attack CFR members and others who visited or “drove by” the site.
According to the computer security specialists, the cyber espionage attack represents a new level of sophistication by foreign hackers seeking government and other secrets by computer.
A “drive-by” attack requires hackers to covertly plant malicious software in the CFR computer system. They then used the software and the website to attack visitors to the site, infecting their computers in a hunt for secrets and other valuable information. One of the specialists said the attack also involved using the CFR site for what is called a “watering hole” attack, in which people who visit the website are infected.
One of the victims who visited the CFR’s website, cfr.org, discovered the attack and alerted computer security specialists on Wednesday.
A similar Internet Explorer vulnerability was behind the major Aurora cyber attack on Google and other U.S. corporations that began in 2009 and was traced to China’s government.
Investigators said the attackers who targeted CFR were able to set up a covert network capable of identifying, encrypting and sending stolen information found in targeted and infected computers back to a secret command and control computer.
Full article: Chinese Hackers Suspected in Cyber Attack on Council on Foreign Relations (Washington Free Beacon)