Reports are coming in that China has been positively identified as the source of automated IP hacking. While this is no real surprise, the Chinese TV slip-up is the first real evidence that the Beijing regime is a primary source of cyber-attacks against the West.
Whilst Western governments have engaged in finger pointing at China over government and allied agency server attacks for several years, the Chinese government has always vehemently denied the claims.
The topic resurfaced again earlier this month over the so-called Shady RAT – Remote Access Trojan – attacks of the last several years on Western computer systems, and the Chinese government used the People’s Daily, its official media voice, to refute the allegations.
It’s therefore kind of ironic that the evidence for Chinese government-driven cyber-attacks – and automated attacks at that – should come from a Chinese military TV programme, detailed on the Epoch Times newswire, which shows a hacker utility application with legends such as ‘select attack target’, highlighting a list of Falun Gong web sites as the starting point for an automated attack.
The TV programme includes shots of a computer screen showing a Chinese military university engaged in cyberwarfare against US servers. Talk about being caught red-handed and with your electronic pants down!
More seriously, now that the Chinese government has been formally identified as the source of at least some of the cyber-attacks on Western government and allied agency computer systems, the IT security managers within these agencies – as well as other organisations on both sides of the public/private sector divide – need to plan ahead and counter these advanced attack vectors.
The solution is to use a multi-layered IT security strategy that uses a variety of encryption and other authentication systems to protect the data that the Chinese government – as well as myriad other hackers – are trying to get their grubby paws on.
Some of this information can be useful for military intelligence, but the majority is almost invariably useful in other areas, especially where intellectual property (IP) is involved. And since IP is becoming the de facto currency of choice amongst hackers of all types, it stands to reason that defending IP should become a high priority for all IT security professionals.
My observations suggest that it is no longer possible to develop an IT resource that is completely resilient against an external cyber-attack, but the use of authentication as a means of enhancing other credential-enabled data security is a useful additional weapon in the ongoing battle against hackers.
Developing a solid layer of authentication has the additional advantage that – as well as securing data from external prying eyes – it also defends against the insider attacker problem, which can range from the actions of a rogue employee all the way to a careless action by a new member of staff.
Whatever the cause, however, authentication is clearly the way forward when it comes to developing a better security mousetrap.