NSA Chief: China Behind RSA Attacks

[InfoSec News <alerts () infosecnews org>]

http://www.informationweek.com/news/government/security/232700341

By J. Nicholas Hoover
InformationWeek
March 27, 2012

China is stealing a "great deal" of military-related intellectual 
property from the United States and was responsible for last year's 
attacks against cybersecurity company RSA, U.S. Cyber Command commander 
and National Security Agency director Gen. Keith Alexander told the 
Senate Armed Services Committee on Tuesday.

"I can't go into the specifics here, but we do see [thefts] from defense 
industrial base companies," Alexander said, declining to go into details 
about other attacks. "There are some very public [attacks], though. The 
most recent one was the RSA exploits." RSA had earlier pinned the 
attacks on a "nation state."

The attack against RSA, in which the attacker conducted a spearphishing 
campaign that sent disguised emails containing malware that installed 
backdoors via a zero-day Adobe Flash exploit, indicates a high level of 
sophistication by China's hackers, according to Alexander. "The ability 
to do it against a company like RSA is such a high-order capability 
that, if they can do it against RSA, that makes other companies 
vulnerable," he said.

Alexander admitted that the government needs to do a better job against 
these attacks. "We need to make it more difficult for the Chinese to do 
what they're doing," he said. "Intellectual property isn't well 
protected, and we can do a better job at protecting it."

[...]


______________________________________________________________________________
Certified Ethical Hacker and CISSP training with Expanding Security gives
the best training and support.  Get a free live class invite weekly.  Best
program, best price. www.ExpandingSecurity.com/PainPill