DHS warns about new ‘watering hole’ cyber attack vulnerability as a high-tech firm also reportedly is hit
The Department of Homeland Security warned Internet Explorer users this week about a new software flaw used in remote cyber attacks as Microsoft issued an advisory on the embattled browser’s software hole.
The response followed reports in the Free Beacon revealing that hackers linked to China attacked the Council on Foreign Relations website and used it as a watering hole for a sophisticated cyberespionage attack.
“Capstone Turbine Corporation was also used to spread [the malicious code called] CVE-2012-4969 and this since mid-September,” Romang reported.
“It seems that the Chinese technicians who hacked the Council on Foreign Relations have also been hacking other U.S. targets,” Tkacik said in an email. “Capstone Turbines certainly would be a target of any Chinese firm that wanted to compete with Capstone, download Capstone’s proprietary software and blueprints, or obtain Capstone’s pricing and marketing information.”
“The whole episode is yet another chapter in the ongoing morality play of America’s inability, unwillingness, or both, to confront the Chinese cyberthreat,” Tkacik said. “Alas, U.S. law prevents American intelligence and military cyberwarriors from conducting the same sweeping attacks against Chinese networks, but perhaps the time has come for Congress to fund a major expansion of [the National Security Agency’s] and Defense Department’s network warfare capabilities and mandate them to go after Chinese financial, social, media, energy, and industrial networks in a big way. Otherwise we’re fighting the last war.”
Richard Fisher, a China affairs specialist with IASC, said the government should require publicizing information on Chinese-origin cyber attacks. “The time has come for Congress to demand annual reporting from the Departments of Defense and Homeland Security highlighting China’s global cyber war and its security and economic impact on Americans,” Fisher said. “Such a report required in order to galvanize both defensive and retaliatory policies.”
“Chinese actors are the world’s most active and persistent perpetrators of economic espionage,” according to a report by the office of the National Counterintelligence Executive, a U.S. government counterspy office.
“U.S. private sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China but the IC cannot confirm who was responsible.”
The report stated, “We judge that the governments of China and Russia will remain aggressive and capable collectors of sensitive U.S. economic information and technologies, particularly in cyberspace.”
Full article: Chinese Cyberattack Continues (Washington Free Beacon)