Tag Archives: China

Britain Beefing Up Cyber Security Measures

“Cyberspace is going to be one of the great challenges of our day” according to Iain Lobban, director of the Government Communications Headquarters (GCHQ). Lobban maintains that cyber attacks pose a serious economic threat.

This has certainly rung true in the the past 12 months with a significant rise in the number of apparently government linked cyber threats coming from other countries or organised criminals. In addition attempts to steal British ideas and designs to gain commercial or contractual advantage has become commonplace.

Blame has often been directed at China. There was also the Stuxnet attack on Iran’s nuclear programme, directly linked to Israel and the United States.

William Hague told the Times that any country not protecting their intellectual property rights would be at a serious disadvantage in the future. He also pointed out that there were 600 malicious attacks on the government systems everyday.

The outcome? Britain is putting 650 million pounds into preventing attacks over the next four years. Both Hague and Lobban stated that governments and businesses needed to work together in order to address the threat at hand.

The GCHQ is at the forefront of British cyber defence and is a large-scale eavesdropping operation similar to the National Security Agency in the States. The organisation specialises in intelligence gathering and code busting and they have been busier than ever with politicians and spy chiefs becoming increasingly concerned about cyber-threats.

China Accused of 5 Year Hacking Spree

McAfee claims that it has uncovered one of the largest cyber attacks ever.

More than 70 government agencies and corporations have had data extracted over a period of five years. International organisations have been infiltrated ranging from the UN to the International Olympic committee.

According to Dmitri Alperovitch, McAfee’s vice president of threat research the evidence points to “a nation state” being the culprit.

“Even we were taken aback by the audacity of the perpetrators” Alperovitch.

At the moment China is highest in the list of suspects. Beijing however have denied involvement calling all accusations “groundless.” Earlier this year Google also pointed the finger at China when some of their source code went missing.

Jim Lewis, a cyber expert with the centre for strategic and international studies was quoted by the Reuters news agency as stating that it was “very likely China was behind the campaign due to some of the targets being of particular interest to Beijing.”

Furthermore Raj Samani, McAfee’s Chief European Technology Officer has already said to the BBC that he suspects the attacks to be still going on “This is a whole different level to the ‘Night Dragon’ attacks that occurred earlier this year. Those were attacks on a specific sector. This one is very, very broad.”

As many companies have been distracted by the very public attacks of groups such as LulzSec and Anonymous there have been secret attacks going on, conducted by an unknown. Graham Cluley, a security expert with Sophos told the BBC, “sometimes it’s not about stealing your money or publicly leaking your data. It’s about quietly stealing your information, which can have a very high political, military or financial value.”

Although the intent of the hackers is unclear, what is clear is that they have been able to make off with valuable data and this story will intensify the US government’s push to fortify its cyber security.

 

 

 

 

 

 

 

 

 

Rise of the Data Crime Bot

Automated cyber attacks are becoming increasingly prominent according to a new report conducted by Imperva.

The Web Application Attack Report (WAAR) studied attacks on 30 different enterprise and government web applications highlighting that assaults on websites and databases are now as frequent as 25,000 per hour.

The sheer volume of these attacks is worrying. However perhaps more concerning is the fact that most of them are conducted by automated bots. This makes the threat unique. Car jacking for instance cannot be automated and neither can purse theft. For this reason cyber crime has the potential to have greater financial impact than all other forms of crime put together.

“The level of automation in cyber attacks continues to shock us. The sheer volume of attacks that can be carried out in such a short period of time is almost unimaginable to most businesses,” stated Amichai Shulman, Imperva’s CTO and lead researcher.

Aside from automation cyber criminals are becoming increasingly evasive “Our data demonstrates that it is increasingly difficult to trace attacks to specific entities or organisations.”

What is known is that the majority of attacks originate from bots developed in the US (29%) and China (10%). Such bots are simply left to make consistent attempts to hack and retrieve critical data.

Imperva advise CEOs across all industries to always consider their businesses a target and especially “If you hold sensitive information with value for governments, employees or competition.”

 

 

 

 

 

 

Leaked evidence hints that Chinese authorities hacked Google

The international furore surrounding the publishing of secret diplomatic communications by whistleblowing site Wikileaks, has revealed that Google is thought to have been hacked by the Chinese government earlier in the year, resulting in the ensuing face-off between the world’s largest country and the search giant.

Media outlets from around the world, including the Guardian in the UK and the New York Times in the US, were provided with a quarter of a million messages sent between American diplomats and among the thousands of revelations which have been subsequently made public, the direct hacking of Google by a government is one of the most significant for the IT security sector.

According to reports, it was the Politburo within China that ordered the attacks on Google. Information relating to the hacks was passed to a US ambassador at the start of the year by an anonymous contact from within China.

The Chinese government allegedly orchestrated the attacks with the help of various groups, including hackers who had been put onto the payroll of the ruling party in order to do the most damage to perceived threats.

The leaked documents show that China has been actively hacking into systems operated by other nations, as well as those of private companies, for eight years.

Google went public with news of the hack back in January, although the hack itself took place almost a year ago in December 2009. This resulted in a stand-off during which the firm threatened to withdraw from China altogether, superficially over complaints relating to its unwillingness to filter search results in line with the wishes of authorities.

Upon the publication of the diplomatic messages on Wikileaks the site reported that it was being hit by a massive distributed denial of service attack (DDoS), although observers have pointed out that the significant international interest in this information might have had the same impact upon its servers as a deliberate assault.

The leakage of this vast amount of sensitive data has been condemned by many international governments and the US was already working on damage control before the publication took place.

SMEs seek to improve business continuity and disaster recovery

A study carried out by analyst firm Forrester, has concluded that many small and medium sized businesses are going to be focusing on improving their disaster recovery and business continuity plans within the next year.

Business continuity planning has to take into account a large number of scenarios, from power cuts and flooding, to natural disasters and security breaches, according to Forrester’s Stephanie Balaouras.

Balaouras explained that the decision makers at the head of smaller firms and enterprises had been reluctant to invest in business continuity and disaster recovery in the past, because there is inadequate data relating to the probability of the most catastrophic events ever occurring.

To counteract this problem, various data protection firms and analysts have compiled formal explanations of why business continuity planning is essential. Balaouras cited a recent statistic which found an average business would encounter nearly 400 disasters annually, equating to nearly £70 billion pounds of lost business each year.

In 2009 the league table for the most disaster-affected nation was headed by the US, with catastrophes costing the economy close to £7 billion. It was followed by China, which lost around £3 billion to disasters and then France, which saw £2 billion slip away in the same manner.

Industry watchdogs are attempting to promote the importance of a business’ ability to recover operational viability as quickly as possible in the event of a disaster and Balaouras identified 22 different global initiatives with this goal in mind.

SMEs are likely to benefit from business continuity planning, not just in the event of a disaster, but when they seek to secure business partnerships with third party firms. A study conducted two years ago found that 80 per cent of businesses had been asked to prove their disaster recovery capabilities before entering into a working relationship with another organisation.

Over a third of the respondents to Forrester’s recent survey said that they were going to be bolstering investment in business continuity over the next year by a minimum of five per cent, while only a tenth said that they were having to cut spending in this area.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal