Skip to main content

Analysis: Lockheed hack highlights cyber-blame snags


Past patterns may point to China, but top investigators say they will never know for sure who mounted a "significant" cyberattack against Lockheed Martin Corp, the Pentagon's No. 1 arms supplier.
Lockheed, which is also the government's top information technology provider, said on Sunday it was a "frequent target of adversaries around the world."
The company has not disclosed which of its business units was targeted, but people with experience plugging holes after such strikes said that cyberspies likely sought trade secrets or weapons-related data.
The Bethesda, Maryland-based company did not respond to a request to clarify whom it deemed adversaries, and whether it suspected a foreign state in the digital assault it said it had detected "almost immediately" on May 21.


Lockheed said it had countered with stepped-up security measures and that no customer, program or employee personal data has been compromised in the "significant and tenacious attack" on its information systems network.
China has generally emerged as a prime suspect when it comes to keyboard-launched espionage against U.S. interests, although the Pentagon says more than 100 foreign intelligence groups have been trying to pierce U.S. networks.
"China's government, the Chinese Communist Party, and Chinese individuals and organizations continue to hack into American computer systems and networks as well as those of foreign entities and governments," the bipartisan U.S.-China Economic and Security Review Commission said in its 2010 annual report to Congress.
The body was created by the Congress in 2000 to advise it on implications of trade with China. It said in its report the methods used in suspected Chinese-launched attacks were growing more sophisticated and increasingly piggy-backing on social networking tools.
BEIJING DISMISSES CHARGES
Beijing, at odds with the United States over Taiwan and other issues, has "laced U.S. infrastructure with logic bombs," a cyberweapon, former U.S. National Security Council official Richard Clarke wrote in his 2010 book "Cyber War."
Beijing steadfastly dismisses such charges.
"I'd say it's just irresponsible to arbitrarily link China to such cyber hacking activities in each and every turn," Wang Baodong, the Chinese Embassy spokesman in Washington, said in an email to Reuters. "As a victim itself, China is firmly against hacking activities and strongly for international cooperation on this front".
Pinning down responsibility for an attack like that reported by Lockheed is "incredibly difficult" given the sophisticated ways that an attacker may misdirect, said Anup Ghosh, a former senior scientist at the Pentagon's Defense Advanced Research Projects Agency, or DARPA.
Encoded clues in the Stuxnet virus that may have slowed progress on Iran's nuclear program, for instance, seemed designed to point to Israel.
But "it is impossible to know if these are red herrings or genuine," said Ghosh, who worked on securing military networks for DARPA from 2002 to 2006 and who now runs Invincea, a software security company.
Eugene Spafford, who heads the CERIAS cybersecurity research facility at Purdue University in Indiana, said the digital residue of an attack would not suffice to lead to a person or place.
"Records may show a network address where those bits came from, and that network address may tie to a machine in a country, but that is only the address of the most recent 'hop'," he said in an email interview.
"It is always possible that it is a system that itself was compromised, by another system that was compromised," and so on and so on, Spafford said. In addition, one could never rule out the possibility that a given cyberstrike might be launched by someone in the pay of yet a third party, no matter where it originated.
Spafford, whose CERIAS lab has partnered with a dozen major companies and national laboratories, including defense contractors and Fortune 500 companies, said the bottom line is that "we likely never really will know who did it."
Investigators first look for hard evidence -- searching for stolen data that may be traveling across the Internet or seeking out people looking to sell information culled in a cyber attack. They typically rely heavily on circumstantial evidence, including whether the attack details match known methods from a suspect and if the targets are consistent with a group's perceived interest.
It is also possible that the U.S. intelligence community, using its vast electronic eavesdropping and other spying capabilities, may make a judgment about the origin independent of forensic analysis, but that too would be subject to doubt.

By Reuters..
Labels:

Comments

Post a Comment

Popular posts from this blog

GL SLAMS ‘COLONIAL’ RIGHTS GROUPS

Sri Lanka’s foreign minister Gamini Lakshman Peiris rejected “colonial” criticism Tuesday of a government-appointed civil war probe, after foreign rights groups snubbed an invitation to attend. New York-based Human Rights Watch, London-based Amnesty International and Brussels-based International Crisis Group last week accused the panel of a cover-up and refused an offer from Colombo to appear before it. Peiris said in a speech to the International Institute for Strategic Studies, a leading think-tank based in London, that the rights groups had displayed a “most unattractive attitude.” “It smacks of an attitude that is almost colonial, patronising and condescending, the assumption being that other people must step in because Sri Lankans are unable to chart a course for their own future,” he said. Peiris, who is in London for talks with the British government, said the LLRC was based on similar reconciliation commissions in countries such as South Africa. He urged rights groups and
Post a Comment
Read more

IRRESPONSIBLE TALK BY MEMBERS COST UNP ITS VOTERS, SAYS SAJITH

The voters have distanced themselves from the United National Party (UNP) because several members had demeaned the military victories during the recently concluded war against the Liberation Tigers of Tamil Eelam, said Hambantota District parliamentarian Sajith Premadasa. Former President Ranasinghe Premadasa’s son, Sajith was addressing a meeting at Gurutalawa at the Yatinuwara electorate in Kandy last evening to raise awareness on his Jathika Jeewaya Programme. Mr. Premadasa launched this programme within three electorates in the Gampaha District last week as well. Adding further, Sajith Pramadasa said the UNP suffered erosion in its support as some had uttered irresponsible comments when the Sri Lankan armed forces were gaining victory after victory in the fight against the LTTE. When the Army captured Thoppigala, some in the UNP had said that Thoppigala was only a jungle, while some had accused the then government and the military of claiming to be advancing towards Kilinochc
Post a Comment
Read more

TNA vows civil disobedience

Sri Lanka’s main Tamil party on Saturday vowed to launch a Gandhi-style civil disobedience campaign to press a long-standing demand for regional autonomy for their ethnic minority. The Tamil National Alliance (TNA) in its manifesto for April parliamentary elections renewed its demand for extensive regional autonomy – after Tamil Tiger rebels who fought in their name were crushed last year. “If the Sri Lankan state continues its present style of governance without due regard to the rights of the Tamil-speaking peoples, the TNA will launch a peaceful, non-violent campaign of civil disobedience on the Gandhian model,” the party said. The TNA was a puppet of the Tamil Tiger rebels who were crushed by security forces in May last year after 37 years of fighting. The United Nations has said up to 100,000 people were killed in the conflict. On Saturday the alliance said it would lobby neighbouring India and the international community to ensure the island’s Tamil community -- 12.5 percent
Post a Comment
Read more