Chinese military exposed as experienced internet attackers

The revelation comes after years of finger pointing by Western governments over server cyber-attacks – accusations that have been vigorously denied by the Chinese government, Infosecurity notes.

According to the Epoch Times, six seconds of a picture of a computer screen shown in the background of a Chinese military TV programme revealed a Windows application with the legend 'select attack target' and allowing the user to select an IP address to attack. In the TV programme, an IP address belonging to a US university was shown, along with a drop-down menu of Falun Gong websites.

According to the newswire, a standard piece of Chinese military propaganda screened in mid-July included what must have been an unintended – but nevertheless damaging – revelation: “shots from a computer screen showing a Chinese military university is engaged in cyberwarfare against entities in the US.”

“The documentary itself was otherwise meant as praise to the wisdom and judgement of Chinese military strategists, and a typical condemnation of the US as an implacable aggressor in the cyber-realm. But the fleeting shots of an apparent China-based cyber-attack somehow made their way into the final cut”, noted the newswire.

The Epoch Times goes on to say that the screenshots show the name of the software and the Chinese university that built it, the Electrical Engineering University of China's People's Liberation Army - “direct evidence that the PLA is involved in coding cyber-attack software directed against a Chinese dissident group.”

"The CCP has leaked its top secret here", Jason Ma, a commentator for New Tang Dynasty Television, told the newswire, adding that this is the first time we see clearly that one of the top Chinese military universities is doing this research and developing software for cyber-attacks.

"Now we've got proof," Ma told the newswire. "They're also extending their persecution of Falun Gong overseas, attacking a civil website in the US. These are the clear messages revealed in these six seconds of video."

Commenting on the revelations, Steve Watts, co-founder of SecurEnvoy, said that, whilst Western governments have engaged in finger pointing at China over government and allied agency server attacks for several years, the Chinese government has always vehemently denied the claims.

“The topic resurfaced again earlier this month over the so-called Shady RAT – Remote Access Trojan – attacks of the last several years on Western computer systems, and the Chinese government used the People's Daily, its official media voice, to refute the allegations”, he said.

“It's therefore kind of ironic that the evidence for Chinese government-driven cyber-attacks – and automated attacks at that – should come from a Chinese military TV programme, detailed on the Epoch Times newswire”, he added.

“Talk about being caught red-handed and with your electronic pants down”, he quipped.

More seriously, the SecurEnvoy co-founder explained, now that the Chinese government has been formally identified as the source of at least some of the cyber-attacks on Western government and allied agency computer systems, the IT security managers within these agencies - as well as other organisations on both sides of the public/private sector divide – need to plan ahead and counter these advanced attack vectors.

The solution, says Watts, is to use a multi-layered IT security strategy that uses a variety of encryption and other authentication systems to protect the data that the Chinese government - as well as myriad other hackers – are trying to get their hands on.

Some of this information can be useful for military intelligence, but the majority, he adds, is almost invariably useful in other areas, especially where intellectual property (IP) is involved. And since IP is becoming the de-facto currency of choice amongst hackers of all types, it stands to reason that defending IP should become a high priority for all IT security professionals.

“Our observations suggest that it is no longer possible to develop an IT resource that is completely resilient against an external cyber-attack, but the use of authentication as a means of enhancing other credential-enabled data security is a useful additional weapon in the ongoing battle against hackers,” he said.

“Developing a solid layer of authentication also has the additional advantage that - as well as securing data from external prying eyes - it also defends against the insider attacker problem, which can range from the actions of a rogue employee all the way to a careless action by a new member of staff. Whatever the cause, however, authentication is clearly the way forward when it comes to developing a better security mousetrap,” he added.
