AOH :: ISN-3306.HTM

Foreign intelligence agents hacking UK businesses,

Foreign intelligence agents hacking UK businesses,
Foreign intelligence agents hacking UK businesses, 

By Bill Goodwin
21 November 2006

Senior government officials have warned businesses that foreign 
intelligence services are using sophisticated electronic attacks to 
steal sensitive financial and technological secrets from their IT 

Overseas intelligence agencies engaged in economic espionage are 
targeting UK firms for technical information and details of contract 
bids from major firms, they said.

The attacks are thought to originate from countries including China, 
North Korea and former Soviet states.

The National Infrastructure Security Co-ordination Centre (NISCC) said 
the attacks have increased over the past 12 months.

"The scale of these attacks requires a processing capability which 
suggests this is not a cottage industry. There is no sector of the 
critical national infrastructure that we have not seen targeted. If all 
of those attacks were successful, we are talking about huge amounts of 
information being accessed," said NISCC director Roger Cumming.

"In a lot of cases the attacks aim to provide the parties with a 
technological advantage, and to gain access to scientific and technical 
information. In some cases there have been attacks against government."

Government security officials believe that overseas intelligence 
agencies are investing significant resources in identifying people in an 
organisation who have access to the data they want. They use social 
engineering techniques to trick staff into opening e-mails or plugging 
in USB memory sticks to infect computers with hacking tools, the NISCC 

The attacks make use of unrecorded vulnerabilities, known as zero-day 
attacks, which evade anti-virus and anti-spyware systems.

Intelligence officials have identified attacks against critical 
businesses by monitoring news reports for information that has been 
leaked about firms and matching the leaks against computer security 

The NISCC has held behind the scenes talks with business groups about 
the attacks, which in the past have been mistakenly attributed to 
organised criminal groups. It is urging them to update their risk 
management strategies to reflect the risks posed by well-funded overseas 
intelligence services.

"Understanding what is important in your organisation is crucial. 
Remember, these are not random attacks. They are going after information 
that is important to them," said Cumming.

Allan Paller, director of US security advisory organisation the Sans 
Institute, said evidence from the US showed that foreign intelligence 
services had penetrated US government computer systems.

He advised businesses to respond to threats by carrying out mock 
phishing attacks within their organisations to educate staff. An 
exercise by New York State found that 80% of staff fell for the e-mails, 
but this was cut by half when the exercise was repeated, he said.

The NISCC, which monitors the security of firms responsible for critical 
services, such as energy and transport, has appealed to businesses in 
other sectors that are attacked to report it. All reports will be 
treated as confidential, it said.

Subscribe to InfoSec News 

Site design & layout copyright © 1986-2015 CodeGods