Linux end users may not have to worry about malware too often, but apparently, folks who like to roll their own code still draw the attention of hackers. Kernel.org, the online repository of the Linux kernel, is reporting that it fell victim to a security breach in August. Don’t start screaming and unplugging your Ubuntu PCs just yet, though – the administrators believe the attack only compromised users who accessed the kernel.org site, and not the Linux source code itself.
There’s more news from the China front today, but this tidbit is a little more sinister than a dry piece on PC sales numbers. For a long time, the Chinese government has been rumored to be the hidden hand behind cyber attacks across the world. They’ve always denied any wrongdoing. But now, it appears that a Chinese military propaganda documentary has inadvertently (or not) tipped China’s hand and shown proof of the nation’s role in hack attacks.
Security firm McAfee on Tuesday published the results of "Operation Shady RAT" (where RAT stands for Remote Access Tool), which the company describes as "the most comprehensive analysis ever revealed of victim profiles from a five year operation by one specific actor." McAfee said it traced several cyber shenanigans back to a single server used by the intruders to hack into 72 organizations, including offices of the Associated Press, governments of the United States, the United Nations, and other agencies around the world.
With each cyber attack, authorities around the world are coming under increasing pressure to crack down on hackers and "hacktivist" groups. Last week, the global crackdown against the nebulous hacktivist group Anonymous saw the arrest of nearly three dozen alleged Anonymous members in Spain and Turkey.
The revelation is part of a Foreign Affairs article in which Lynn discusses the Pentagon's cyberstrategy. A foreign intelligence agency is said to have orchestrated the cyberattack, which affected both “classified and unclassified systems.” A military laptop was the first to be compromised and there was no stopping the rogue code from there on.
"That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control," Lynn writes in the Foreign Affairs article.
When Google announced that it might be pulling out of China as a result of recent cyberattacks, everyone assumed the Chinese Government was involved in the breach. After all, pulling the plug on the largest customer base of Internet users in the world couldn't have been an easy decision to make, and would have been a bit of an overreaction if the evidence was pointing to a private individual or company. With this in mind, however, it's important to note that Google hasn't officially implicated the Chinese government in the attacks, and that rumor now stands in stark contrast to a statement issued today by Chinese officials.
The "accusation that the Chinese government participated in (any) cyberattack, either in an explicit or inexplicit way, is groundless and aims to denigrate China," an unidentified ministry spokesman told Xinhua, according to an Agence France Presse report. "The U.S. has criticized China's policies to administer the Internet and insinuated that China restricts Internet freedom...This runs contrary to the facts and is harmful to China-U.S. relations," a Chinese Foreign Ministry spokesman said.
The harsh words quoted above out of Beijing are one of the first public reactions to Hillary Clinton's recent lecture on Internet freedom. In her speech, Clinton criticized China's efforts to censor the country's 384 million web users, who she claims are trapped behind "The Great Firewall of China". Clearly the Chinese government was not amused. Google hasn't stopped censoring the results on Google.cn just yet, but CEO Eric Schmidt said on Thursday that it would happen soon.
So is China's blanket denial of any wrongdoing good enough for you? Keep this link bookmarked for ongoing coverage of the situation as it unfolds.
In a blog post today, Google has revealed some details on what it says was an unusually coordinated series of cyber-attacks launched against it in December. The attacks, which originated in China, were apparently aimed at gaining access to the Gmail accounts of a number of advocates for human rights in China. Google says only two accounts appear to have been accessed, and even then only basic details like subject lines and date stamps were taken.
As part of their investigation, Google claims to have discovered that dozens of human rights activists the world over have had unauthorized individuals access their Google accounts. This was not part of the December attacks, but was likely the result of phishing. Google has apparently plugged the holes that were exploited, but they aren’t done yet.
The Google.cn domain was launched in 2006 when the internet giant agreed to censor some search results. At the time, Google indicated they would monitor the situation, and adjust their approach if needed. According to the blog post, “These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the web--have led us to conclude that we should review the feasibility of our business operations in China.”
So starting now, Google says they will stop filtering search results in China. The Mountain View-based company plans to discuss with the Chinese government the possibility of operating an unfiltered search engine. If that is not possible, the Google.cn domain may be shut down along with the Chinese Google offices. Is this a good move for Google? Should a commitment to free speech outweigh the lucrative nature of the Chinese market? Or maybe this move is just long overdue.
According to Apple, you should think twice before jailbreaking your iPhone to run software that hasn't been approved for distribution through the iPhone App Store. Should you decide to do it anyway, cellphone towers could come under "potentially catastrophic" cyberattacks, Apple says.
In a filing with the Copyright Office, which is considering a request by the Electronic Frontier Foundation to legalize the practice of jailbreaking, Apple wrote:
"A local or international hacker could potentially initiate commands (such as a denial of service attack) that could crash the tower software, rendering the tower entirely inoperable to process calls or transmit data. Taking control of the BBP software would be much the equivalent of getting inside the firewall of a corporate computer -- to potentially catastrophic result."
Apple went on to say that the technological protection measures in the iPhone were specifically designed to avoid such scenarios, and jailbreaking would undo all of that.
Fred von Lohmann, the EFF attorney who has requested that consumers have the legal right to jailbreak iPhones, isn't buying Apple's claims.
"As far as I know, nothing like that has ever happened," Lohmann said in an interview. "This kind of theoretical threat is more FUD than truth."
Officials say that the spies – thought to be from Russia, China and other countries – only wanted to take stock of the American electrical infrastructure and intended no immediate harm. "There are intrusions, and they are growing," a former Department of Homeland Security official told the WSJ.
Both the Russians and Chinese have rebuffed the allegations against them. It is difficult to ascertain whether or not these cyber-saboteurs are acting at the behest of a foreign government.