Commerce Department Targeted by Chinese?

Commerce Department Targeted by Chinese?
Commerce Department Targeted by Chinese?

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By Kim Zetter 
Threat Level
May 30, 2008

Fellow Threat Leveler Kevin Poulsen effectively took the wind out of 
sources in a recent National Journal story who suggested that the 
Chinese were to blame for the 2003 northeast blackout. The Journal cited 
information gleaned secondhand from unnamed intelligence sources to 
proffer the speculation.

But at least one bit of other information in the article has been 
pursued by the Associated Press . . . though to inconclusive results. 
That information pertains to an unnamed source who told the Journal that 
Commerce Secretary Carlos M. Gutierrez was the target of cyberespionage 
in China during a visit there last December for trade talks.

The Journal cites an unnamed computer security expert who says spyware 
was discovered on "devices" used by Gutierrez and other Commerce 
officials during the China trip, but isn't specific about the equipment 
that was targeted and seems careful to say that the unnamed expert has 
firsthand knowledge of the kind of spyware discovered, rather than 
saying he has firsthand knowledge of their actual discovery on Commerce 

    During a trip to Beijing in December 2007, spyware programs designed 
    to clandestinely remove information from personal computers and 
    other electronic equipment were discovered on devices used by 
    Commerce Secretary Carlos Gutierrez and possibly other members of a 
    U.S. trade delegation, according to a computer-security expert with 
    firsthand knowledge of the spyware used. . . . According to the 
    computer-security expert, the spyware programs were designed to open 
    communications channels to an outside system, and to download the 
    contents of the infected devices at regular intervals. The source 
    said that the computer codes were identical to those found in the 
    laptop computers and other devices of several senior executives of 
    U.S. corporations who also had their electronics "=C2=80=C2=9Cslurped"=C2=80=C2=9D while 
    on business in China.

An Associated Press story written by Ted Bridis confirms that U.S. 
authorities are suspicious that Gutierrez might have been targeted and 
have launched an investigation, but it doesn't mention spyware in 
relation to the investigation. The piece mentions that Gutierrez may 
have left his laptop unattended at some point during his China trip and 
there's concern that the Chinese copied its contents to try to access 
the Commerce Department's network, presumably to uncover proprietary 
information about U.S. technologies as well as to gain information it 
could leverage against the U.S. in trade talks.

The piece doesn't say why authorities suspect the laptop was 
compromised, although it mentions that since Gutierrez returned from 
China, the U.S. Computer Emergency Readiness Team of forensic experts 
has rushed to the Commerce Department a number of times to respond to 
serious attempts at data break-ins. A spokesman for the Department of 
Homeland Security notes, however, that "there's nothing to substantiate 
an actual compromise at this time"; and that although US-CERT workers 
visited the Commerce Department eight times since December, none of 
those visits related to laptops or the secretary's trip to China.

The AP piece does mention spyware, though not in relation to Gutierrez. 
It recounts a story told during a speech last December by senior U.S. 
intelligence official Joel F. Brenner. Brenner said an American 
financial executive detected attempts to remotely implant monitoring 
software on his PDA during a visit to Beijing. The unnamed executive 
"counted five beacons popped into his PDA between the time he got 
off his plane in Beijing and the time he got to his hotel room," 
according to Brenner's account. It's unclear if this executive is one of 
the same senior U.S. executives mentioned by the unnamed Journal; source 
in his account of U.S. businessmen who discovered spyware on their 
computing devices while in China.

So is all of this part of a government effort to hype the China cyber 
threat? Who knows.

The AP says that "Commerce Department break-ins have been so serious 
that its Bureau of Industry and Security, which regulates exports of 
sensitive technology that might be used in weapons, effectively 
unplugged itself from the Internet."

Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. 

Site design & layout copyright © 1986-2015 CodeGods