Subscribe to
Computerworld FBI looks at Chinese role in Darfur site hack
Aid organization's Web and e-mail servers under attack
- Clues point to Jan. 13 release of Windows 7 beta
- Microsoft releases Vista SP2 beta
- Obama's DHS pick may find support for raising H-1B cap at confirmation hearing
- IBM wants info from Apple execs in Papermaster case
- License server glitch exposes SonicWall users to e-mail security threats
- Report: Former AOL chief exec tries to raise funds to buy Yahoo
 The Security Zone
With the mobility of employees and the ease with which external devices can be brought in and out of a network, continuing to build your security plan for network servers and clients is a must. Fortunately, there is much that organizations can do to protect themselves from attacks - internal and external. Having the right policies, procedures and server configurations is critical... Learn more in The Security Zone See All Zones
|
March 21, 2008 (IDG News Service) The U.S. Federal Bureau of Investigation is looking into a possible China connection in the hack of a nonprofit group created to draw attention to the ongoing genocide in western Sudan's Darfur region.
The Save Darfur Coalition called in the FBI earlier this week after discovering that someone had gained unauthorized access to its e-mail and Web server, according to Allyn Brooks-LaSure, a spokesman with the group.
Brooks-LaSure doesn't know who is behind the attacks, but he said the Internet Protocol addresses of the computers that had hacked his organization were from China. "Someone in Beijing is trying to send us a message," he said.
The hackers seemed to be primarily interested in gathering data on his group, Brooks-LaSure said. Save Darfur has been trying to get China to pressure Sudan's government into stopping the mass killings in Darfur's ongoing civil war. China is one of Sudan's largest trading partners.
Computers in China have been the source of many attacks in recent years, although security experts say that sometimes China-based machines are simply used as jumping-off points for attackers who actually reside in other countries such as the U.S. or Russia.
Groups that work with Save Darfur may have also been hit, Brooks-LaSure said. Some partner organizations have been the subject of very targeted e-mail attacks over the past few weeks that have tried to trick workers into opening malicious documents or visiting malicious Web sites. These are both common ways of installing unauthorized software on a victim's computer.
This type of targeted e-mail attack was recently employed by attackers looking to infect people on a pro-Tibet mailing list. Victims who opened what appeared to be a statement of solidarity for the people of Tibet were secretly hit with attack code that exploited a flaw in Adobe's Acrobat software, said security researchers at F-Secure in a blog posting.
"It looked like it was coming from the Unrepresented Nations and Peoples Organization (UNPO). However, the e-mail headers were forged and the mail was coming from somewhere else altogether," wrote F-Secure.
Many pro-Tibet organizations have been targeted with these types of attacks in recent months, the company added. "This is not an isolated incident. Far from it," the company said. "These e-mails have been sent to mailing lists, private forums and directly to persons working inside pro-Tibet groups. Some individuals have received targeted attacks like this several times a month."
A similar type of attack was used last month to infect computers at a committee working on security at the upcoming 2008 Olympic Games in Beijing, according to security vendor MessageLabs.
Members of that committee were infected by a malicious Microsoft Word document that they then forwarded to other organizations, according to MessageLabs researcher Maksym Schipka. In that case, "the bad guys did not have to hack into the good guy's mail server, all they had to do was persuade them that the document was something interesting so that the good guys themselves would forward it on," he said.
It is not clear that there is any connection between the attack reported by MessageLabs and that reported by Save Darfur.
When contacted Friday regarding the Save Darfur incident, FBI Spokeswoman Debbie Weierman confirmed that the law enforcement agency was "looking into the matter."
Reprinted with permission from
IDG.netStory copyright 2008 International Data Group. All rights reserved.
Today's Top Stories
Resource Alerts
Webcasts
Web Threats Don't Discriminate
The Secure Web Gateway. Mission Critical For Business
Dynamic Data Center and Virtualization Drives Operational Excellence at Emory Healthcare
Editor's Picks
Clues point to Jan. 13 release of Windows 7 beta
Microsoft releases Vista SP2 beta
Obama's DHS pick may find support for raising H-1B cap at confirmation hearing
IBM wants info from Apple execs in Papermaster case
License server glitch exposes SonicWall users to e-mail security threats
Report: Former AOL chief exec tries to raise funds to buy Yahoo
 Fired up about IT? Join Sharkbait and share your true tales of IT. SharkBait is the place for you to sound off about everything IT – the good, the bad, and the rest of the weird stuff you deal with every day.New baits 
|
|
 |
|
Patrick Thibodeau: Satellite images of U.S military bases Which is more important? Helping terrorists or protecting military bases? Answer: protecting Web 2.0 ... [more] |
| White Papers  Read up on the latest ideas and technologies from companies that sell hardware, software and services. | ||||||
|
