[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Chinese hackers reportedly took classified data on MH370 a day after it went missing
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2014-08-21 9:40:55
Message-ID: alpine.DEB.2.02.1408210940440.7436 () infosecnews ! org
[Download RAW message or body]

http://www.washingtonpost.com/blogs/the-switch/wp/2014/08/20/chinese-hackers-reportedly-took-classified-data-about-mh370-a-day-after-it-went-missing/


By Jiaxi Lu
The Washington Post
August 20, 2014

Five months after Malaysia Airlines flight 370 went missing, a report 
emerged on Wednesday saying that Chinese hackers have targeted Malaysian 
government departments involved in the search for the jet.

According to the Malaysian newspaper the Star, on March 9, Malaysian 
officials received a malware disguised as a news report claiming the MH370 
had been found -- a day after the flight disappeared from radar while en 
route from Kuala Lumpur to Beijing with 239 people on board. The newspaper 
cited Amirudin Abdul Wahab, chief executive of CyberSecurity Malaysia, a 
government agency under the Science, Technology and Innovation Ministry.

The newspaper said that a user clicked on a PDF document attached to the 
e-mail and released the malware unknowingly to about 30 computers 
belonging to high-ranking officials at agencies involved with the MH370 
investigation. CyberSecurity Malaysia received reports from the 
administrators saying their network was congested with e-mails going out 
of their servers. Targeted agencies included Malaysia's Civil Aviation 
Department, the National Security Council and Malaysia Airlines, most of 
them owned by the government, according to the Star.

"Those e-mail contained confidential data from the officials' computers, 
including the minutes of meetings and classified documents. Some of these 
were related to the MH370 investigation," Wahab said, according to the 
Star.  "This was well-crafted malware that antivirus programs couldn't 
detect. It was a very sophisticated attack."

Wahab added that CyberSecurity Malaysia was able to block the 
transmissions of the data but that some information had already been sent 
from those hacked computers to an IP address that was tracked to China. 
Wahab said he suspects the motivation for the hacking was the MH370 
investigation.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/

[prev in list] [next in list] [prev in thread] [next in thread]