U.S. Chamber Of Commerce Hit By Chinese Cyberspies

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/232300939/u-s-chamber-of-commerce-hit-by-chinese-cyberspies.html

By Kelly Jackson Higgins
Dark Reading
Dec 21, 2011

The latest casualty in China's alleged cyberespionage campaign against 
U.S. interests? The U.S. Chamber of Commerce.

Information on the Chamber's 3 million members representing most of the 
top companies in the U.S. was potentially exposed in a targeted attack 
that might have been in operation for more than a year and was 
eventually halted by the Chamber in May 2010, according to a report 
today inThe Wall Street Journal.

The Chamber poses an attractive target for spies with its corporate 
membership representing U.S. business interests, so it's no surprise it 
would be in the bull's eye of so-called advanced persistent threat (APT) 
actors, security experts say.

"It doesn't surprise me at all," says Jeff Schmidt, founder and CEO of 
JAS Global Advisors. "It's an amalgamation of American businesses: What 
better place [for these attackers] to go than the U.S. Chamber?"

What was most striking about this attack was evidence that the 
perpetrators specifically went after four employees of the lobbying 
organization who work on Asia policy, pilfering six weeks' worth of 
their emails. The six-month long campaign involved some 300 IP addresses 
and compromised email of close to 50 members, who were told about the 
breach. Among the information exposed in the emails were trade policy 
documents, meeting notes, trip reports, schedules, and the names of 
members who are in contact with the Chamber, according to the article.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn