Thursday, May 22, 2014

Chinese companies at heart of US cyber espionage claims have Australian links, says expert


The three state-owned Chinese companies at the centre of US cyber espionage claims have deep and long standing involvement in Australia, according to an American cyber security expert.

Washington claims that from 2006 five officers from a secretive hacking unit of the People's Liberation Army (PLA) called "Unit 61398" hacked the computers of US companies and stole secrets beneficial to three Chinese state-owned enterprises (SOEs) that were their direct competitors.
Dmitri Alperovitch is a former vice-president of threat research at security software company McAfee and has led two investigations into Chinese hacking and cyber-espionage against American companies.

The US did not name the three Chinese companies, only labelling them as SOE1, SOE2 and SOE3, but Mr Alperovitch told 7.30 it is clear from evidence in the indictment the companies are global aluminium giant Chinalco, Baosteel and nuclear company SNPT.

The three companies have long and deep connections with Australia.

"These are massive companies with billions of dollars in revenue and heavily involved in the world market," Mr Alperovitch said.

"Baosteel is in the acquisition stage of trying to acquire resources in an Australian company right now, so all these companies would be familiar to the Australian audiences because they're massive companies in China and they are very interested in resources and extracting resources from Australia and other countries."
He is referring to Baosteel's current attempt to take over Australian iron and coal company Aquila.
Baosteel has joint business interests with Andrew Forrest's Fortescue Mining and funds a research and development centre in Queensland involving four major east coast universities.

Chinalco was behind the failed 2009 merger with British-Australian miner Rio Tinto, while an ASX-listed wholly owned subsidiary of Chinalco, Yunnan Copper Resources, runs five mining projects in north Queensland.
SNPT buys vast amounts of Australian uranium and was involved in a 2011 takeover bid for a Perth company with large uranium holdings.
Mr Alperovitch is bound by confidentiality agreements regarding Australian companies that have been hacked, but says "they're major companies and they have lost significant intellectual property".

He says evidence indicates the company referred to in the indictment as SOE2 is Baosteel. 

According to the indictment, a Unit 61398 officer created a secret database at SOE2 which was used to hold corporate intelligence about the iron and steel industries.

In early 2010, America's largest steel maker, US Steel, was embroiled in a legal dispute with Baosteel.

In the middle of the dispute, an email supposedly from US Steel's chief executive was sent to 20 of its senior employees.

It was actually sent by cyber hacker Sun Kai Liang, who used a technique known as spear phishing.

A link in the email downloaded intrusive malware onto US Steel computers, which enabled Wang Dong - operating under the pseudonym of UglyGorilla - to steal data from more than 1,700 US Steel computers.

Dmitri Alperovitch says the US Steel hack was typical of Unit 61398.

"We are seeing these patterns over and over again. We are seeing situations where companies are going into partnership with Chinese companies, or they have info that a Chinese company wants and we are seeing hacking attempts by the PLA to get that intellectual property and then that property ends up at these companies," he said.

"So it shouldn't be surprising if major manufacturing companies doing business in China are being hit by the PLA to benefit SOEs."

Source: http://www.abc.net.au
Not all pirates sail the seas. In fact, most surf the web, looking for network vulnerabilities that grant them access to information or VoIP credentials they can use or sell at your expense.

The good news is, you can protect your SIP account with these important features (as long as your provider makes them available):
  1. Maximum Outbound Rate: Set a predetermined allowable outbound rate to protect your account from scam artists who break in and dial pricey foreign numbers that pay the receiving party an exorbitant amount (and make you pay for it).
  2. Flexible Destination Whitelist: It should be easy and instant for you to add and remove allowable destinations right on your account dashboard. Of course, you can implement a whitelist in reverse. That’s called a blacklist and designates destinations to which calling is not allowed. Blacklists give you more initial freedom but whitelists provide greater security off the bat.
  3. IP Authentication: Static IP addresses are secure and difficult to fake. Assign IP addresses to users and verify identity that way by creating a list of IP addresses from which your account will accept outgoing calls.
  4. Automatic Destination Restriction: In the event someone does seize control of your account, your provider should recognize the uncharacteristic behavior and shut it down.
  5. Pre-paid Balance: A pre-paid account limits your exposure to existing credit levels. And if accounting demands post-paid vendors, ask them who pays the bill when web pirates sail away with your credentials.
- See more at: http://blog.flowroute.com/2014/05/21/5-essential-voip-account-fraud-controls/?utm_content=5522448&utm_medium=social&utm_source=facebook#sthash.RlDKDlW5.dpuf
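
The five controls above can be read as one authorization decision made on every outbound call attempt. The sketch below is an added example, not code from Flowroute or from the original post; the `Policy` fields, the `authorize` function, the one-hour window and all sample values are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Policy:
    max_rate: float      # 1. highest per-minute rate the account may dial
    whitelist: tuple     # 2. allowed destination prefixes (E.164 digits)
    sources: tuple       # 3. networks allowed to originate calls
    max_denials: int     # 4. denials per hour before the account locks itself
    balance: float       # 5. prepaid funds remaining
    locked: bool = False
    denials: list = field(default_factory=list)  # timestamps of denied attempts

def _deny(p, now, reason):
    # Control 4: a run of rejected attempts is uncharacteristic, so lock the account.
    p.denials = [t for t in p.denials if now - t < 3600] + [now]
    if len(p.denials) >= p.max_denials:
        p.locked = True
    return False, reason

def authorize(p, src_ip, dest, rate, now):
    """Decide one outbound call attempt; returns (allowed, reason)."""
    if p.locked:
        return False, "account locked"
    ip = ipaddress.ip_address(src_ip)
    if not any(ip in ipaddress.ip_network(n) for n in p.sources):
        return _deny(p, now, "source IP not authorized")
    if not any(dest.startswith(pre) for pre in p.whitelist):
        return _deny(p, now, "destination not whitelisted")
    if rate > p.max_rate:
        return _deny(p, now, "rate above cap")
    if p.balance < rate:  # cannot pay for even one minute of the call
        return False, "prepaid balance exhausted"
    return True, "ok"

def demo():
    # Constructed policy and attempts (documentation IP ranges, fictional numbers).
    p = Policy(max_rate=0.05, whitelist=("1", "61"), sources=("203.0.113.0/28",),
               max_denials=3, balance=10.0)
    attempts = [
        ("203.0.113.5", "12065550100", 0.01, 0),    # normal call
        ("198.51.100.9", "12065550100", 0.01, 10),  # unknown source address
        ("203.0.113.5", "8825550100", 0.01, 20),    # prefix not on the whitelist
        ("203.0.113.5", "61255501000", 0.90, 30),   # route priced above the cap
        ("203.0.113.5", "12065550100", 0.01, 40),   # legitimate, but account now locked
    ]
    return [authorize(p, *a) for a in attempts]

if __name__ == "__main__":
    for allowed, reason in demo():
        print(allowed, reason)
```

The fifth attempt is rejected even though it matches the first one: three denials inside the window trip the automatic lock, so the account stays closed until someone reviews it.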
