Chinese Hack of U.S. Chamber Undetected for Six Months

Thursday, December 22, 2011



Reports indicate that the Chinese-based intrusion of U.S. Chamber of Commerce networks went on for as long as six months before being detected.

System administrators at the Chamber were unaware of the breach until they were notified by the FBI after some of the organization's documents were discovered on Chinese web servers.

The operation is being characterized as an Advanced Persistent Threat (APT), typically used to describe infiltrations that take place over a long period of time and utilize a combination of sophisticated measures to gain access to protected networks.

"What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence," said the Chamber's COO David Chavern.

Chinese state officials have completely denied any knowledge of or connection to the operation, reiterating their claims that they ave a zero tolerance policy for unauthorized access and hacking of foreign networks.

"The report is baseless. We have stated China's stance on this issue multiple times," said Chinese Foreign Ministry spokesman Liu Weimin.

U.S. security experts refute China's assertion that the state does not actively support offensive cyber operations for the purpose of exfiltrating valuable proprietary and trade secret information in an effort to gain an economic edge against rival nations.

“This happens all the time. This is essentially the modus operandi of China’s economic espionage campaign. Hackers use a trade group as a beachhead to compromise the constituency. What intellectual property does the Chamber have? They don’t. But they’re trusted," said Tom Kellermann, a member of President Barack Obama’s commission on cyber security.

Some believe that the breach revelations could affect information sharing activities between the Chamber and member companies and organizations given the depth and duration of the network intrusion.

“Businesses are already worried about the cyber theft of their internal trade secrets. Now they have to worry that the sensitive information they’ve shared with the Chamber is compromised,” said Good Harbor's Jacob Olcott, a principal with consulting firm's cybersecurity team.

In a touch of irony, the U.S. Chamber had been one of the more outspoken critics of some proposed cybersecurity legislation, according to a document cited by the Wall Steet Journal.

Possibly Related Articles:
Network Access Control
China Hacking Advanced Persistent Threats Headlines Espionage Network Security breach U.S. Chamber of Commerce Exfiltration
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.