More Cyberterrorism – Taiwan Political Party Accuses China of Hacking

Well there hasn’t been a whole lot of news the last couple of days apart from the London riots – which don’t have much of a technical spin. The only technical part is that the looters/rioters etc seem to be organizing themselves using BBM (BlackBerry Messenger) and Twitter.

The former being rather smart as it’s encrypted and sent via a 3rd party network – so it’s not open to wiretapping. It’s unlikely the tracksuit wearing chavs & hoodies know that, but still – it’s keeping them safe. Posting videos/pictures of themselves on public Twitter and Facebook accounts is not so smart though and will surely lead to some arrests.

Anyway that’s not the topic here, the topic here is another politically motivated hacking attack – what we would commonly call cyberterrorism.

A Taiwanese political party suspects the Chinese government is behind a hacking attack that stole information about the party’s election activities.

Taiwan’s Democratic Progressive Party (DPP) said on Tuesday that some of the attacks had been traced to China’s Xinhua News Agency, a state-run press group. The attack operated as a phishing campaign, in which DPP staffers were sent e-mails by hackers who attempted to impersonate other party employees. The staffers were then told to open the e-mail attachments, which secretly contained viruses to monitor the computers, a DPP spokeswoman said.

The DPP alleges the attacks were routed from the Xinhua News Agency through Malaysia and Australia. The attacks were also traced to IP addresses from the Chinese mainland. The Xinhua News Agency was contacted for response, but has yet to an issue a comment.

IT security experts have said the attacks were part of a state-sponsored hacking attempt, according to the DPP. “Already many countries and security groups have said the attacks from China’s cyber army are well organized and that a state actor guides and supports them,” the DPP said in statement issued on the party’s website.

As we all know, Taiwan and China are not really the best of friends with China claiming Taiwan to be part of it and Taiwan not quite agreeing. In China they fully act like Taiwan is just another state/province in China.

This time it seems to be a state run Chinese news agency (Xinhua) attacking Taiwan’s Democratic Progressive Party (commonly know as DPP).

These are of course at this time just claims, and it’ll probably stay that way as there’s no conclusive proof in these kind of situations.

China is already in the spotlight for cyber attacks after security vendor McAfee reported a massive cyber attack that stole sensitive information from 72 companies and organizations. Although McAfee did not name the group behind the hacking attempts, security experts have pointed fingers at China because of the organizations targeted. China, however, has repeatedly denied it sponsors any kind of hacking.

A DPP spokeswoman said the phishing attacks have been an ongoing problem, but that it appears more of the recent hacking attempts have been coming from China.

Taiwan and China separated in 1949 after a civil war. While China’s ruling communist party seeks for reunification with the island, the DPP supports Taiwan becoming its own nation, putting the two at odds with one another.

The DPP said on Tuesday it also traced hacking attempts to Taiwan’s own Research, Development and Evaluation Commission and called for the commission to investigate. The commission could not be reached for immediate comment.

China have been in the spotlight fairly recently with some very widespread phishing attacks including – Targeted Phishing Attacks Carried Out On Gmail – Likely From China.

It seems like these kinds of games will be going on forever including hacktivism, cyberterrorism, defacement in the name of certain causes and all kinds of other naughty business.

With so much information on computers now it’s no surprise, I’d like to see these kind of organisations having better infosec policies though including awareness training for all staff with access to e-mail accounts and computers.

Source: Network World

Posted in: Hacking News

, , ,

Latest Posts:

SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.

One Response to More Cyberterrorism – Taiwan Political Party Accuses China of Hacking

  1. Bogwitch August 10, 2011 at 11:30 pm #

    China again?

    I’m sure I’ve said it here before but it bears repeating. There is plenty of evidence that China is involved in hacking. There is no evidence to suggest it is state sponsored but there wouldn’t be, would there?

    The usual rebuttal is that it could (and it could) be hackers from outside of China staging attacks from compromised machines inside China. Yup, that’s entirely possible but the levels of compromise, the sophistication of the attacks and the selected targets really do suggest a state involvement to one degree or another. Bearing that in mind, if you were a state actor, would you use China to stage your attacks, knowing full well that China has intensive Internet monitoring and is at liberty to seize computers from within their borders with impunity? Would you risk the intelligence you have gathered falling into the hands of the Chinese?

    There are lots of people that are too politically correct to point the finger at the Chinese and when I say Chinese, I mean Chinese state sponsored, encouraged or at least, not dissuaded. I’m confident to say it almost certainly IS the Chinese as it is the most likely candidate. Occam’s Razor.