Language Selection

English French German Italian Portuguese Spanish

China 'using worms to steal trade secrets'

Filed under
Security

Cyberspace is becoming a new battleground for the US and China, amid growing concerns about Chinese industrial espionage through various types of computer worms, security professionals claim.

At least one trojan program used to steal files from infected computers has been traced to servers in China, providing further evidence that US companies may be targets, they say.

Security firms have long been concerned about various types of malicious software used to steal files or passwords. But some newer programs seem designed as a more sophisticated and targeted effort.

Joe Stewart, a researcher with the US security firm Lurhq, said that by reverse-engineering a recent PC worm known as Myfip, he found a clear connection to China.

"All the emails we've traced back with this particular attachment came from a single address in China," Stewart said, adding that it was "highly likely" that the program was used for espionage against US high-tech and manufacturing firms.

Stewart said the program appeared to have been originally developed as a way to steal student exam papers and then expanded so that it could now copy many types of documents, including computer-assisted drawings and Microsoft Word files.

Forbes magazine, which first reported the Chinese origin of Myfip, said the worm had been propagating by spam that activated the program when recipients clicked on attachments. Forbes said about a dozen versions of Myfip may have been in circulation and used to steal sensitive documents including mechanical designs and circuit board layouts.

Analysts point out that tracking attacks or malicious software can be tricky because the origins can be disguised.

But Marcus Sachs of SRI International, who also directs the industry-academic SANS internet Storm Centre that monitors cyberattacks, said the evidence against China is solid.

"I believe firmly that the Chinese are using tools like Myfip to conduct industrial espionage on the US and other industrial countries that have mature data networks," he said.

Sachs said the latest types of malicious software, or "malware," represent a new strategy by creators of the programs.

"Most of the credit card theft, money laundering and fraud is coming from Russia or former Soviet Union countries," Sachs said.

"The Chinese seem to be a bit more clever in covering their tracks and are more likely conducting covert raids for corporate secrets, rather than chasing money like their Russian organised crime counterparts."

But the techniques may not be limited to industrial espionage. Some analysts say similar malware may be targeting government agencies in a bid to steal other types of secrets.

The online newsletter SecurityFocus claims the wave of cyberattacks that hit Britain last month may have been part of an effort to obtain government documents from British and US agencies.

Britain's National Infrastructure Security Coordination Centre said last month that a series of trojan-laden email attacks were "targeting UK government and companies," in an apparent "covert gathering and transmitting of commercially or economically valuable information."

The June 16 warning did not specifically mention China but said most of the evidence pointed to computers in "the Far East."

AFP

More in Tux Machines

Canonical Publishes Impressive Roadmap for All of Their Ubuntu Products

Canonical is working on multiple projects at the same time, and it's often difficult to understand their plans, but Director of Product Strategy Engineering Olli Ries has shed some light on how their inner workings are structured and how things are evolving, from the inside out. Read more

Making the Case for Koha: Why Libraries Should Consider an Open Source ILS

When Engard educates people on what open source is, what it means to use open source software, what types of software are available, which companies use it, and who trusts it, they see that their fears are unfounded, she says. To back up her discussions with facts, she maintains bibliographies on open source and open source security. She also has a set of bookmarks on Delicious, and she wrote a book, Practical Open Source Software for Libraries. “[W]hen people come to me and say open source is too risky … I have facts and figures, just what librarians want, to say no, all software has potential risk associated with it. You have to evaluate software side by side, and look at it, and really take the time to compare it. … I know you’re going to pick the open source solution over the proprietary because it is so quickly developed, so quickly fixed, so ahead of the curve as far as technology is concerned.” Read more

Review of Ubuntu Phone – A Work Still Under Progress

However, what one must remember is that the Ubuntu Phone is still a work in progress. The company is issuing updates every month and is relying on its current user base regarding the feedback and ideas. Right now, only three Ubuntu phones are present in the market ranging from $186 to $328 roughly. Ubuntu has been in hibernation mode for the development of this OS for a long time and it looked like they might be consumer ready now, however, after seeing the Ubuntu Phone it looks like they might be far from that scenario right now. Read more

Android M news: Release date delayed, to come out in September or October?

Google reveals that the newest Android operating system initially codenamed as "Android M" will be delaying the release of Android M Developer Preview 3 for selected Nexus devices. The information was shared by the company's employee and moderator Wojtek Kaliciński on the Developer community page in Google+. Read more